In the rush from one store to the next, it’s easy to become distracted, frantically opening emails from your smartphone, searching for that last-minute deal from your favourite store. Many shoppers choose to beat holiday crowds by purchasing gifts online but as online sales boom, so do cyber attacks.
In the event of Santa utilising artificial intelligence, blockchain and cyber security to enhance Lapland's operations, could the rate of cybercrime increase or decrease?
According to Deloitte’s annual retail holiday sales forecast, there is expected to be up to a 22% jump in online sales compared to last year. Additionally, online sales are expected to reach up to approximately £100 billion during the holiday season.
With so many of us shopping online, we open ourselves to phishing attacks, spam email, malicious websites, viruses and other cyber attacks fighting to enter our chimney (account), aiming to steal our money and/or information.
The cyber criminals will most likely be impersonating retailers, couriers, and payment services.
It’s common for a cybercriminal to use emails to gain access to your financial or personal information. Criminals will send a phishing email, within which they will copy a retailer’s sale or discount email, and include a link to a false portal/website, requesting that you enter your information.
The criminals are relying on your unquestioning trust! Sometimes you can spot these phishing emails by the strange email address, spelling errors, or incorrect grammar contained. Additionally, a reputable organisation will never request for your personal or financial information by email.
You may also be sent fake notifications, referring to a payment failure, tracking number, supposed refund, fake voucher or coupons.
What could happen if you ignore this article, and click on a phishing link or download an attachment? Well, you may install malware, such as a virus, spyware, or ransomware on your device. This is typically done without you realising it's actually happening. Once installed, it may:
• Harvest your personal and financial information
• Send phishing emails to the contacts in your address list
• Provide remote access to your device
In the unfortunate event of clicking on a phishing link or downloading an attachment, you should consider taking the following actions:
• Disconnect from the Internet: Switch off the Wi-Fi, mobile data, ethernet cable, etc. This will reduce the risk of malware sending phishing emails and enabling remote access to your device.
• Backup your Data: The malware may attempt to either encrypt your data via ransomware, or delete it. In either case, if you regularly backup your data, e.g. to the cloud, you will have the assurance that not all is lost.
• Scan your Device for Malware: Anti-malware software can protect you from malicious software. Devices often come installed with anti-malware software. Or, it can be easily downloaded. It's always a good idea to run a scan on a regular basis.
• Change your Credentials: As mentioned, your personal and financial information may be harvested, including your website usernames and passwords. So, you may want to change your credentials to help ensure that your online accounts haven't been compromised.
It is a mistake to use the same username and password for each online account, as the cyber criminals will only need the details for one account to access them all. Create a strong password by using a combination of upper and lowercase letters, numbers and special characters.
• Setup a Fraud Alert: Contact a credit rating agency and request for a fraud alert to be configured on your credit report.
• Continue with Caution: Delete emails from unrecognised senders. However, even if you receive an email from a known organisation/brand, bear in mind that you shouldn't be asked to share any personal or financial information through email or text message. If you are asked for this, hit the "delete" button. If the message is important, the sender will contact you by telephone or post.
In reducing our risk to cybercrime over Christmas, the following additional actions are important for us all to follow — whether we have responded to a phishing email, or not:
• Be wary of new retailers: We tend to buy items from vendors we trust. However, a new retailer may pop-up on the scene, offering big discounts and showing great customer reviews. There is a chance these reviews are fake. Also, check that the retailer is showing full multiple methods of contact, in case you encounter a problem with your order. If you still wish to place an order, start small.
• Use retailers with secured websites: Secure websites will display a closed padlock in the status bar, and the URL will begin with "HTTPS", indicating that the webpage uses the SSL or TLS protocol, a data transfer security standard which encrypts data and authenticates the server and the integrity of the message.
• Keep your device's software updated: Software updates are important as criminals will always try to exploit any software bugs which may exist. Software updates prevent such exploits.
• Check bank statements regularly: Checking your statement on a fortnightly or monthly basis allows you to detect any unusual charges. If you see any, report it to your bank.
Christmas is a season to be jolly, but also a season to be aware of cybercrime! Our exposure to cyber attacks is heightened and we must be mindful to protect ourselves and our devices while shopping.