The festive season is finally upon us, which means many of us will be making the most of the discounts and fast shipping offered by online retailers.

More and more people in the UK are opting for the convenience of doing their seasonal shopping online rather than traipsing through busy high-street stores — especially in the wake of coronavirus lockdowns, which prompted a significant increase in online sales.

But bargain hunters beware; online shopping is not without risk. The explosion of digital transactions during the holiday period attracts a host of hackers looking to exploit consumers through social engineering scams such as phishing and ransomware that can have devastating consequences for individuals and businesses alike.

According to the National Cyber Security Centre (NCSC), victims of online shopping scams lost an average of £1,000 each over the festive season last year. And it is not just money that is at risk; cyber criminals also target online shoppers to steal personal information such as bank details and addresses, which they can later use to conduct fraud.

As hackers ramp up their efforts, digital customers must remain vigilant. So, to help you have a fraud-free Christmas and new year, we have compiled some helpful tips for shopping safely online…

Do your due diligence

Before you follow a link to any promotion or offer sent to you via text or email, take a look at the source and website addresses. Many fake web pages and malicious links have subtle typos that catch people out, so make sure you check these carefully.

It is also wise to research the business you are buying from to see whether any other customers have left feedback about potential scams. If you are unsure whether a link is trustworthy, try to access the company’s website by typing it into a search engine instead.

Put it on the plastic

If you have a credit card, now is an excellent time to put it to use. Most leading credit card providers are obliged to refund you in the event of a cyber attack or fraud, providing an extra layer of protection as you shop online. Alternatively, scammers get a direct line to your funds if your debit card is compromised.

Make sure you also regularly check your bank statements for unwanted transactions. If you do come across one you do not recognise, call your bank provider to start an investigation.

Protect your personal information

Phishing scams, which involve attempts to trick users into clicking malicious links, often aim to extract personally identifiable information (PII) like names, account numbers and addresses that hackers can use to steal your identity and gain access to your accounts.

So, only ever submit the mandatory details required to complete your purchase. Unless you are a regular customer, avoid creating an account with an e-tailer to protect your data when you place an order. Where possible, carry out payments via online platforms such as Apple Pay or PayPal to ensure the company never accesses your payment details during a transaction.

Reinforce your passwords

Passwords are the first line of defence against cyber attacks, so yours must be secure. According to a survey by Bitwarden, an open-source password manager for consumers and businesses, 84% of global respondents reuse passwords across multiple sites, presenting cyber criminals with more vulnerabilities to exploit.

Setting up multi-factor authentication (MFA) across your online shopping, banking and email profiles and choosing secure passwords consisting of three random words can prevent hackers from getting into your accounts and stop a cyber attack from spreading in the event of a breach.                                                 

Check your connection

Most reputable organisations will have a closed padlock icon next to their web address, which should start with ‘HTTPS’ rather than ‘HTTP’ to indicate the site has secure sockets layer (SSL) protection. Although this does not guarantee the retailer is reliable, it does ensure the connection is encrypted. If the symbol is not there, or your browser says the page is not secure, you should avoid entering any financial information.

Making online purchases on the move? You must ensure you are doing so on a private or secure network — and that no one is looking over your shoulder when you submit your details. Never connect to a public hotspot you are unfamiliar with — even if it is free — and consider using a virtual private network (VPN) to be extra safe.

Trust your gut

Should you start to feel uneasy at any stage in a digital transaction, it is never too late to abandon it. It is always better to be safe than sorry; hesitating before falling for a scam that calls for ‘urgent’ action can save you a lot of time and money in the long run.

If you are worried that you may have fallen foul of a phishing attack or believe you have received a scam communication, report it to the authorities and to the provider of any account that may have been affected. Remember, if it seems too good to be true, it probably is!

Our team of information security consultants is on hand to answer your cyber security questions and help you develop an IT strategy that will keep your systems secure and your business productive. Contact us today at 01252 843014 or email info@burningtree.co.uk to discover how our consulting services could benefit you.