Holiday Online Shopping: How to maintain your safety and privacy?
By: Maria Alejandra Pulgar
The Holidays are fast approaching, and along with them comes the time of the year when online purchases peak. The increment of transactions and careless consumer behaviors while shopping and browsing open the door for countless cybercrime opportunities, as thieves are constantly developing more sophisticated ways to trick their victims.
Cyber-attacks on businesses and individuals generate millions of dollars in losses due to data breaches, identity thefts, or crypto-jackings. It takes a simple mistake to fall prey to a scam. However, there are easy measures consumers can follow to avoid being in that situation.
A recent poll on National Public Radio (NPR) showed that 76% of American adults shop online, and 2% do it every day. Worldwide online sales totaled $5.2 trillion in 2022, and that amount is projected to reach $8.148 trillion by 2026, around 24% of global retail sales.
Although the volume of money involved in retail transactions is immense, there is more money in other types of cybercrime, such as identity thefts and ransomware. There is an increasing need to strengthen home networks, not only because of the Internet of Things (IoT) but also due to remote working, which could be a crack-through for cyber attackers looking to target corporations.
It requires more common sense than sophisticated technology to be safe online. The convenience of online shopping in the busiest time of the year is worth taking simple measures to do it safely and enjoy the experience.
How to avoid cyber threats?
The most important online shopping dates in the year are Black Friday and Cyber Monday. An estimated 125 million people in the US, around 37% of the population, made purchases online during those days in 2022, spending an average of $430 per person. Like in their brick-and-mortar counterparts, online retailers prepare and strengthen their stores’ security to provide their customers with a safe environment for their transactions, as the global costs of cybercrime increase every year. The estimate is that it will reach $10.5 trillion by 2025.
According to the Embroker Risk Management Report of 2023, the top online hacking technique used by cybercriminals is Social Engineering. It is the most effective because it “relies on human error rather than technical vulnerabilities” making attacks more dangerous than technical data breaches. They generally involve the use of phishing emails (impersonation of companies or people), to trick users into websites where personal data is stolen, opening doors for data breaching and ransomware. The easier way to avoid falling for these threats is never to click on links from emails or text messages not requested; not to disclose personal information on advertisements from social network applications; verify the address of emails or text senders; and never provide personal data over the phone or on suspicious websites. In case of phone or video calls, do not answer unknown numbers, let them go to voicemail, verify the sender, and return the call instead.
In the same way that having clean hands protects from the flu and COVID-19, having good “Cyber Hygiene” reduces the risks of suffering data breaches or cyber-attacks. “Cyber hygiene” includes good personal technology practices such as periodically changing passwords, “avoiding unprotected Wi-Fi networks, implementing a VPN or multi-factor authentication”. There are antivirus and safety software that can be used to manage passwords, and computer and mobile phone applications include options to activate additional authentications. It takes discipline and habit, but it is worth incorporating those simple practices to protect personal and corporate information.
Beyond personal devices such as computers and phones, the broadening use of smart household items (Internet of Things -IoT) has increased the vulnerability of the data for people and corporations. “The average smart device is attacked within five minutes of connecting to the internet” and a smart home “may be targeted as many as 12,000 times a week”. Those attacks may be prevented by simply increasing the security of the home internet connection, strengthening the Wi-Fi passwords, and activating antivirus, VPNs, and firewall software.
Increasing security plans today for a fast recovery
In case an attack happens, corporations should have in place a cyber-recovery plan, including insurance, to protect from ransomware or to cover losses related to data breaches. Individuals should have regular data backup, multipoint verifications, and password management practices, and immediately after the attack, additional safety measures need to be incorporated to cover vulnerabilities.
With common sense and simple safety measures, the online holiday shopping experience could be satisfactory and successful. Statistics show that American cyber-hygiene is very lacking; even more than 50% of IT professionals confess not having good personal measures to protect their data.
The inherent risks that come with the convenience of online shopping and browsing during the holidays are minimized by being proactive and vigilant enhancing the safety of the transactions to protect personal and financial information. Safety measures are simple and mostly free, just need to take time to include them in your routine to have a secure online holiday shopping experience.