Did you know an average of 47 high street shops shut down every day in 2022? That is almost double the number of stores we said goodbye to in 2021…

It is no secret that businesses have faced a lot of uncertainty as we experience the biggest cost-of-living hike in more than four decades, squeezing incomes for millions across the country. And with 80% of UK consumers now preferring to shop online than in bricks-and-mortar stores, anyone can see why the high street is struggling.

We are firmly in the era of online shopping — with bargains, fast delivery and convenience available at the click of a button. Unfortunately, no business or individual is safe from the risks of cyber attacks — and as more people turn to digital shopping (on personal AND business devices!), it is more important than ever to keep your cyber securitypractices strong…

Over and above scams and online businesses with a poor track record (key tip: if you are not familiar with the company or brand you are buying from, check with rating sites such as Google, Trustpilot, Amazon reviews, Choice, etc.) it is important to keep yourself secure.

Wondering how you and your team can stay safe online? We have compiled five helpful tips to keep you secure…

1. Choose credit over debit

For secure online payments, always use a credit card over a debit card when possible.

In the unfortunate event of fraud or a scam, most credit cards provide two important benefits: you can limit the amount of money for which you are responsible and (in most cases) are guaranteed a refund, and unlike debit cards, scammers will not have a direct line to your financial accounts.

Alternatively, use online payment services like PayPal, Google Wallet or Apple Pay for more secure checkouts.

Using these platforms to authorise your payments means your details remain unseen by the retailer, and the retailer can provide their own dispute resolution should anything go wrong. Plus, every transaction you make using these payment methods is authenticated first using biometric data, such as facial or fingerprint recognition, to ensure you are making the payment and not someone else.

2. Look for the lock

Never buy anything with your card online from a site that does not have a secure sockets layer (SSL) certificate. Unsure how to see if a site has an SSL?

Check the site’s URL to make sure it starts with HTTPS instead of just HTTP. (If you are configuring business devices for staff to use, make sure they are set up to upgrade navigations to HTTPS and warn users before loading sites that do not support it.)

You can also look for the locked padlock icon (usually to the left of the URL in the address bar). Although this does not guarantee the business’ reliability or customer service levels, it does ensure the connection is encrypted and your data will remain secure.

3. Protect your devices

When it comes to your or your business’ IT equipment, make sure all bases are covered. From tablets and smartphones to laptops and PCs, your software and firmware should always be up to date to ensure you have the latest security protection in place. And it never hurts to download antivirus software that detects, blocks and removes viruses, malware and ransomware from all devices.

For added security, ensure you and everyone else in your home or office only download apps from manufacturer-approved stores (like Google Play or the Apple App Store) — especially on business devices.

4. Create strong passwords

We have said it before and will say it again: switch up your passwords! This is never more important than when you are banking or shopping online.

Avoid using the most common passwords that are easy to guess. Instead, consider using a password manager tool that can store all your passwords securely to save you from having to remember them. The password manager will create a long, complex and unique password for every account and save them on the device securely.

And if you are in charge of IT policies within your organisation, make sure staff are given actionable information on setting passwords that is easy for them to understand.

Equally, check all business devices are set up to use two-factor or multi-factor authentication (MFA), like face facial recognition on phones or fingerprint authentication on laptops. You should also ensure enhanced protection is turned on in the chosen internet browser; these security features will warn users if their passwords have been exposed in a data breach and flag dangerous websites.

5. Beware of phishing

Always stop and think: could this be a scam?

Phishing is a type of fraud that involves tricking people into providing sensitive information, such as passwords or bank details, by masquerading as a trustworthy source. It can be done through email, social media or malicious websites. Common red flags include unexpected invoices, asking you to click on a link to make a payment, claims you are eligible for a refund or offers of coupons and free products.

Remember: if something seems too good to be true, it probably is, so do not risk it!

Phishing can be tricky to spot, but one of the best ways to avoid falling victim to a scam is not to see it in the first place. So, make sure you use modern, up-to-date browsers that block known phishing and malware sites when shopping. There are also plenty of apps and smartphone features that create aliases to prevent you from giving out your details and scammers from getting hold of them.

When it comes to business devices, use anti-spoofing controls to make it harder for emails from your domains to be spoofed. You should also limit administrator accounts through privileged access management to prevent users from accidentally installing malware from a phishing attempt.

Above all, you must ensure you and all staff know how to spot a scam and that your business takes a multi-layered approach to defend against these advanced attacks.

With these top cyber security tips in your business’ back pocket, there is only one thing left to do…

Are you ready to define an effective incident response plan and improve your organisation’s security practices? Contact our team of experts at 01252 843014 or email info@burningtree.co.uk to discuss our cyber security consultancy services.