.
In recent years, Black Friday has established itself as one of the most intense periods for online sales in Portugal. However, it is not just companies that are preparing for a significant increase in sales, nor customers thinking about what they are going to buy – cybercriminals also have this date marked on their calendars and are ready to attack. Therefore, the Sophosa global leader in innovating and offering cybersecurity solutions as a service, offers some tips for shopping safely on this upcoming date.
Ransomware is currently the most feared cyberattack by businesses – and according to the study “The State of Ransomware in Retail 2022” by Sophos, retail was precisely the second sector most attacked by ransomware in 2021, just behind the media, leisure and entertainment sector. In fact, 77% of retail companies worldwide were the target of ransomware attacks in 2021 – an increase of 75% compared to 2020. On the other hand, the study indicates that a large part of retail companies need to improve their security posture, as only 28% managed to prevent their data from being encrypted by cybercriminals.
In view of this data, traders should not see computer attacks as a possibility, but as a certainty – it is no longer a matter of knowing “if they will suffer”, but rather “when they will suffer” an attack of this kind.
“The best reason for retailers to improve cybersecurity ahead of Black Friday is that by doing so, they are strengthening their security for the rest of the year, and ensuring a brighter future,” commented Paul Ducklin, Principal Research Scientist at Sophos
An example of this is the $1.9 million fine that the state of New York imposed on the e-commerce Shein because she lied about a data breach she suffered. The lack of a good cybersecurity strategy can lead to situations like the one experienced by Shein, from whom 39 million user accounts and passwords, as well as bank details, were stolen.
The fine is due to the fact that the company not only did not detect this vulnerability (which was notified by third parties), but also for not having dealt with the magnitude of the attack in a transparent way towards its users.
So Sophos cybersecurity experts recommend the following tips for shopping safely online this Black Friday:
- Use debit or prepaid cards whenever possible Taking into account the level of exposure that this shopping period represents, using a card with a fixed balance limits the risk, in addition to ensuring that there is no link with the rest of your accounts. Falling for a scam while shopping online can have “minor” consequences, such as not receiving the orders you ordered, but it can also be an even bigger problem if cybercriminals gain access to your savings or your digital identity.
- Review bank movements Whenever you shop online, check your bank transactions and review any exceptional expenses. You are also advised to check purchase confirmation emails to ensure that fraudulent transactions are not being made without your knowledge.
- Avoid impulse purchases and great “amazing” deals Cybercriminals present attractive offers that are difficult to refuse, in addition to pressing with time-limited offers to generate the impulse to buy immediately (and therefore to click on a malicious website). Furthermore, not all attackers use suspicious domains, make spelling mistakes or misspell the local currency symbol – some launch really well-crafted communications. So, it’s very important to stay alert, stop and think before clicking on any links, and if something seems weird or too good to be real… it probably is.
- Use a password manager Despite this being widely repeated advice, there are still few users who use this tool, which is very effective against phishing. All you need is a master password (which must be good and reliable enough) and the tool will create random passwords, remember them and enter each one on the respective website, without you having to remember them all. Furthermore, if you access a false or malicious website, the password manager will not recognize you and will not enter your password, which helps us to be a little more protected.
- Use a web filter and avoid “autocomplete” forms on websites Web filters prevent the user from browsing websites known to be used in fraud, phishing attacks or spreading malware. It is also important to check how much personal data your browser stores from previous sessions or logins. Removing the “autocomplete” option from as many websites as possible helps prevent cybercriminals from having easy access to personal data, passwords and credit card information.
Other interesting articles:
.
