Home Insights & Advice How to beat the cybergrinches when festive shopping online

How to beat the cybergrinches when festive shopping online

by Jeff Shiner, CEO of 1Password
15th Dec 21 11:04 am

The Covid pandemic has spurred a surge in online shopping in the UK – with internet sales now making up 26.3 percent of total retail sales, according to the latest data from the Office of National Statistics. This growth comes despite consumers muttering the words ‘supply chain’ and ‘inflation’ whenever they see empty (virtual) shelves and skyrocketing prices on their go-to retail websites.

There’s another worry that shoppers can’t forget about this year: their cybersecurity when stocking up for Winter celebrations or buying gifts online. Hackers are keen observers of the human psyche and view the holiday period as an ideal time to take advantage of vulnerable shoppers’ impulses. The combination of accelerated online traffic from festive promotions, e-commerce newbies who shopped online for the first time during the pandemic, and distracted consumers scouring for deals and available products, is leaving the door open to attacks.

Many of us don’t miss the busy, crowded shops or the long queues and general stress that come with in-person holiday shopping. But when switching to online shopping instead, consumers need to contend with cyber criminals who are manipulating ‘pop-up’ Instagram shopping sites, developing phishing schemes and creating can’t-miss coupons that look too good to be true (and often are).

Here’s how holiday shoppers can avoid the most tempting cyber-traps over the festive period:

Same logins, multiple sites

Shoppers should avoid using the same credentials across different websites, which can lead to breaches. While it might make logging into certain accounts and websites quicker, the more often a password is reused, the greater the chance it can be stolen because hackers have an opportunity to compromise more than one account at the same time.

There’s no compelling reason to keep all your logins in your head or written on a piece of paper that’s stashed in a desk drawer. Rather, shoppers should consider using a password generator or password manager, which will allow them to easily come up with a unique password for each website that they use. Adding another layer of protection to accounts, particularly multi-factor authentication, will also strengthen security hygiene by requiring shoppers to identify themselves using factors other than their email and password.

Don’t let sales get in the way of security

When purchasing gifts, goods, and services online, shoppers should take time to evaluate the legitimacy of an unfamiliar website or they could get more than they bargained for, including losing control of their personal data.

Tell-tale signs that shoppers should look out for before disclosing their credentials online include unusual URLs, poor grammar or misspelled words, and unfamiliar company logos or fonts. A useful piece of advice is that any secure website that you buy from should have a padlock icon in the browser’s address bar.

Ignore phishy emails

The number of phishing attacks has more than doubled since early 2020, according to the global Anti-Phishing Working Group. While purchases from ‘legitimate’ websites such as Amazon, Tesco and Argos are often safe, shoppers can’t let their guards down when it comes to phishing scams. For instance, if an email arrives from Amazon informing you about an issue with your payment card, it’s crucial to verify that the email is genuinely from Amazon.

Become a shopping sceptic when confronted with unsolicited coupons or deals, especially if they come from unfamiliar websites. Knowing that shoppers are racing for deals, hackers are unleashing phishing schemes that force victims into thinking they will miss out unless they act immediately. Instead, shoppers should slow down and think about the ‘deal’ at hand before giving up any personal credentials or clicking any links or attachments.

Online holiday shopping may be fast, convenient and doesn’t require searching for a parking space, but it’s becoming much more precarious. While concerns around inflation and supply chain bottlenecks are real, we can avoid adding cybersecurity issues to the mix by carefully considering the websites that we use and the emails we receive.

Steering clear of the annual traps mentioned above can help prevent hackers from receiving their big year-end bonuses. Those few extra minutes spent verifying an email or website, or creating a more secure password, will help shoppers avoid the post-holiday blues caused by stolen credentials.

About the author

Jeff Shiner is CEO and Chairman of the Board for 1Password, the world’s leading password and secrets management company. 1Password protects more than than 100,000 business customers worldwide, including IBM, Slack, PagerDuty, WealthSimple and Gitlab. Shiner previously held leadership roles at Rosetta and IBM Canada.


Leave a Commment


Sign up to our daily news alerts

[ms-form id=1]