The global pandemic of Covid 19 caused many shops to close and forced people to stay at home more than ever, socialising over Zoom and shopping online. In recent years, there has been an explosion in the growth of internet retailing, with more than half of all UK consumers now shopping online according to retail analysts, GlobalData. With the UK’s online shopping spend forecast to grow 30% by 2024, a major factor is the increasing power and availability of mobile phones allowing people to shop whenever and wherever they happen to be.
Big business for criminals
It is not only sellers that have taken advantage of the growth of online retailing, but cyber criminals have too. Attacks have become more sophisticated, so shoppers need to be alert and cautious when looking for online bargains.
As a victim of cyber-crime, you might:
find yourself on a fake website and pay for items that do not exist.
Have your payment card details stolen and fraudulent purchases made from it or have your bank account cleared out.
Have your personal details such as payment card, name, address, username and passwords stolen, and credit cards and loans taken out in your name.
Have your stolen username and passwords tried on all your other accounts to see if any anything else can be stolen. These details can be sold on to other cyber criminals.
Here are some essential tips to stay safe while shopping online.
Check the website is secure Hover your mouse over the web address in the address bar. You are looking for a closed padlock symbol in the address bar and ideally, the address will start with, https:// Without an https, any data passed on the site can be intercepted by criminal third parties. Do not even think of shopping on a website that does not have a padlock and the letters https://
Watch out for fake websites
If you are searching up brands and looking for best deals on the web, you can be taken to a fake website that is selling counterfeit goods or things that you will never ever get. Firstly, check the web address, there may be slight differences such as instead of . co.uk, it is .org . Are the words spelt correctly? Criminals actually buy up domain names that are very slightly different to recognized brands hoping to take advantage of people’s typos. The pictures on the website might be slightly pixilated and other content seem odd or substandard, however, fake websites can be very professional, making it difficult to tell they are fake, but, if the deals are too good to be true, this is probably the case.
Use a credit card for online shopping
If a fraudulent purchase is made on your credit card, there’s a good chance your credit card provider will reimburse you straight away, a debit card does not have the same protection. Credit card accounts may also have anti-fraud measures in place that block large or unusual purchases or require additional authentication from your mobile phone. You can set up alerts on your credit card where you are contacted if a payment over a certain amount has been requested.
Do not use public Wi-fi to go shopping
Unsecured Wi-fi like the one you might find in a coffee shop or train or hotel is not a safe environment to make transactions, or indeed, even to check your email or instant messages. Anyone within that network may be able to hack into your device and steal your valuable personal information.
Beware of phishing emails and social media scams
There is a massive increase in scams, many of which start in a fraudulent email or a link on Facebook or Twitter. They may appear to come from a well-known retailer or favourite brand, or your bank or PayPal account, they might offer great deals or cash prizes or they might inform you that your account has been frozen and you need to take urgent action. These are all tricks to get you to click on a link or to take you to a fake website or ring a premium phone line. The fake authentication process that follows will allow your security information to be stolen. Be aware of these very common scams and if anything feels a bit odd, or you feel stressed by high pressure tactics, delete immediately. Better still, never click on a link from an email or social media site unless you are 100% sure it is legitimate.
Use strong passwords
If your password exists in the dictionary, it can be busted in seconds by the average cybercriminal who uses a computer to do the job. Instead, use three random words that you can remember with a mixture of upper and lower case and a few numbers and symbols. It’s very important to use a different password for every account that you have, this is because if one account is breached and your password discovered, criminals cannot break into all your other accounts. To make your life a lot simpler, try using a password manager such as LastPass, Dashlane or Bitwarden to take care of all your passwords so you don’t have to remember them. You can usually download one from their website for free.
As more of our information and activities go online, cyber security has become a necessary part of life that keeps us safe from crime. Just like learning anything new, it can be broken down into small steps and implemented in bite sized chunks. Businesses of all sizes are at particular risk of cybercrime and would benefit from working towards Cyber Essentials which is a Government approved scheme. By implementing just five core controls that protect against most cyber-attacks, businesses can ensure they are on the right track as well as demonstrating to their customers and suppliers that they are serious about cyber security. Click here to find out more about the Cyber Essentials scheme.
This article has been written by IASME. The IASME Governance standard was developed over several years during a government funded project to create a cyber security standard which would be an affordable and achievable alternative to the international standard, ISO27001. The standard allows small companies in a supply chain to demonstrate their level of cyber security for a realistic cost and indicates that they are taking good steps to properly protect their customers information.