Everyone loves a bargain, and this time of year, there's plenty on offer. In fact, Black Friday and Cyber Monday have become synonymous with the term 'bargain'. Unfortunately, even in the run up to Christmas, if you see an offer that looks too good to be true - there's a very good chance it's a scam.
Cyber criminals have a field day at this time of year because they know your guard is a little lower as you rush to bag the bargains. Your inbox is probably full of promotional emails promising the most incredible deals. And when this is the norm, it becomes hard to differentiate real bargains from the dodgy ones.
Fake websites and phoney branding can trick even the savviest shopper. But, fortunately, you don't need a computer science degree to spot them. Our seven seasonal tips will help you protect yourself and your family from the majority of these scams.
Stay up to date
Make sure you install the latest software and app updates. I know it can be annoying to wait a few minutes whilst the updates load, but they usually contain really important security updates that can protect you against identity theft. Information can easily be found about how to install these updates from Apple, Microsoft and Google. Even better, just turn on automatic updates so your device will update itself in future.
Use strong passwords
Secure your important accounts with a good password - especially your email. Cyber criminals want to hack into your email account so they can find valuable information about you. Things like bank details and your address or date of birth, along with the details of all your other online accounts. You should have a strong password for your email, that you don't re-use anywhere else. This will mean that a cyber criminal who successfully hacks your email won't also be able to log into your bank account.
Turn on two-factor authentication (2FA)
To secure any online account even further, you can turn on an extra layer of protection called two-factor authentication (2FA). 2FA is a way for the service you're using to double check that you really are the person you claim to be when logging in. For example, by sending a security code to your mobile phone. This ensures that any cyber criminals in possession of your password still can’t access your account because they won't have this "second factor".
Use a password manager
Having separate passwords is all very well, but how do you remember them all? Well, you could consider using a password manager. This isn't such a strange idea - you probably already have a password manager. They are built into your internet browser and often into your device (e.g. your smartphone or tablet). You may have noticed that, when you sign into your online accounts a box appears asking if you want the browser (or device) to remember your password. If your browser or device is up to date, and you're not sharing your device with anyone else, then it is safe to tick the box and let it remember your password. This means that you won't have to re-enter your password every time you log in.
Take care with links in emails and texts
Once you start shopping, stay alert. Some of the emails or texts you receive about amazing offers may contain links to fake websites, designed to steal your money and personal details. Be wary of links in an email or text message - not all links are bad, but it's good practice to check by typing the shop’s website address manually into the address bar of your browser or find the website through your search engine (e.g. Google, Bing). Only shop on sites that you trust and report phishing emails to Action Fraud or hit the Spam or Report button within your email account. There's plenty of information out there about how to spot a phishing scam including this from Which?
Don't give away too much information
You don’t normally have to give out your mother’s maiden name or the name of your primary school to buy something. There’s some obvious details that an online store will need, such as your address and your bank details, but be cautious if they ask for details that are not required for your purchase. Only fill in the mandatory details of forms (usually marked with an asterisk*) when making a purchase. If you can avoid it, don’t create an account on a new site unless you’re going to use that site a lot in the future. You can usually checkout as a guest to make your purchase.
When things don't feel right
Sometimes, things can still go wrong, no matter how careful you are. We're all human, and some of these scams are very sophisticated. Occasionally though, you'll just get the feeling that something isn't right - the site may be asking you for too much information or appear to be located in a country far, far away. If this happens, this is what you should do:
Take a note of the website address you’re concerned about and then immediately close down your internet browser. Report the details to Action Fraud and contact your bank to seek advice. Whether you've been a victim of fraud will depend on how much information you’ve provided to the website. So keep an eye on bank transactions, if you can.
After sales care
After shopping, you should remain on your guard. It’s important to be vigilant for any suspicious activity on your bank account. This is the quickest and easiest way of identifying if you’ve been a victim of a scam. Check your bank statements regularly and contact your bank immediately about anything that you don’t recognise, even small amounts.
Happy (bargain) hunting
I really hope these tips will help you avoid the scammers and get all the Black Friday bargains you're wishing for (I bet your wish list isn't as long as mine!).
If you've bought any internet connected devices (such as a smart TV, home assistant or kitchen appliances), it's worth your time checking out this guide on setting up your new devices securely.
Please share these tips with your family and friends, particularly those who might be a bit less savvy than yourself. We need to help each other to beat the scammers. Having a cyber chat today could protect you and your family online tomorrow.
Head of Public Engagement
Want to find out more? Listen to a series of NCSC podcasts especially produced for Black Friday, featuring retail and security experts.