- You are here:
- Home
-
Black Friday Online Shopping Safety Checklist
Vigilance is urged during this 2023 Black Friday and Cyber Monday, as “AI generated scams enhance the threat to this year’s festive shoppers, as it’s revealed over 7 in 10 British people worry that AI will make it easier for criminals to commit online fraud” – NCSC.
But while AI scams like voice cloning, romance scams, and language mimicking are on the rise, “93% of the biggest spenders, millennials aged 24-35, plan to shop during this coming weekend. And they spend an average of $419.52 per person.” But with cyber security threats at an all-time high, how can shoppers and businesses stay cyber safe?
Here are our top tips for staying safe online, and the preventative measures that can be taken while shopping for your latest bargain.- Be Aware of Phishing & Quishing Attacks
SecurityHQ analysts have recently observed a significant increase in Business Email Compromise (BEC), regarding phishing attacks containing QR code (Quishing) and captchas for credentials harvesting. Quishing attacks usually occur via the scanning of a QR code. This technique involves tricking users into scanning a QR code using a mobile phone. The QR code then redirects the user to a phishing or fake website that aims to steal their credentials.
Read more about Quishing, and how to spot QR Code vulnerabilities, here. - Read the Small Print
If something seems too good to be true, it probably is. While Black Friday deals can offer huge discounts that are genuine, people still need to make money. Anything ridiculously cheap is a red flag.
What to look for:
- It is worth checking the reputation score of retailers to determine if that retailer can be trusted.
- A website with no company address, descriptions or specifications on items are all red flags. Look for the details. And do not base purchases solely off star ratings, as these can be fake.
- Pop-ups that offer free electronics are obvious scams, containing malicious phishing links, and should be avoided at all costs.
- Read the small print. Often cons are perfectly visible if you know what to look for. Like seeing a picture of a laptop being advertised, going to buy said laptop for a reduced rate without reading the small print, and receiving a literal picture of a laptop in the post. The devil is in the detail.
- Use Reputable Websites/Companies
Tried and Tested – Using websites that are globally known is a good way to avoid any nasty surprises. Even if it is a couple of pounds more, it is worth knowing where your money is going and that your purchase will be tracked and delivered.
Use Antivirus Software that will warn you of potentially dangerous sites in search results as well.
Look For Suspicious Emails, as well as suspicious calls and text messages. Never click on a link you are unsure of, and never provide personal information over the phone. Read more on email security, here. - Stop, Look, Check, Pay
Secure Sockets Layers (SSL) are used to ensure data is encrypted before being transmitted across the web. It is also an indication that an organization has been verified. Keep an eye out for HTTPS in the address bar rather than HTTP, as this highlights a site uses SSL.
Make Sure the Website That You Intend to Shop on is Not a Copy of a legitimate one. Verify that the date and name of the organization are consistent with the site you are visiting. And look for typos in the URL. Your best bet it to go directly to the website yourself, and do not access it through links on other sites/emails.
When using public Wi-Fi, use a VPN as the most effective way to stay safe and so that hackers do not steal your personal data while you are on an unsecure network. - Check Your Bank Account
- Use a credit card or payment method which offers protection (i.e., PayPal).
- Check your accounts regularly for fraudulent activity.
- Only provide enough details to complete your purchase (no extra details required)
- Keep Your Passwords Safe & Don’t Use Default Credentials
Default credentials used by applications and appliances are often published on the internet. This can be a big problem. An attacker will typically first scan your network to see where they can move next. If an attacker was lucky enough to identify applications or appliances with default credentials enabled, it won’t take them long to hunt on the internet for these published credentials. Read how to detect default credentials, here.
Finally, keep your passwords safe. Read this blog on password protocols to learn more. Don’t let cyber scams ruin your festive fun this winter!
By SecurityHQ - Be Aware of Phishing & Quishing Attacks
-
Enhanced Google Play Protect real-time scanning for installation of sideloaded apps
Google is making Google Play Protect’s security capabilities even more powerful with real-time scanning at the code-level to combat novel malicious apps. Google Play Protect will now recommend a real-time app scan when installing apps that have never been scanned before to help detect emerging threats.
-
SecurityHQ’s Cyber Predictions
In response to the growing number of breaches, SecurityHQ released their latest white paper to highlight analyst predictions for threats and vulnerabilities in H2 2023.
-
Challenges organizations face to be ready for a safe post quantum computing future
DigiCert released the results of a global study at its annual Trust Summit conference, exploring how organizations are addressing the post-quantum computing (PQC) threat and preparing for a safe post-quantum computing future.
-
Microsoft Cyber Signals report highlights spike in cybercriminal activity around business email compromise
Microsoft has released its fourth edition of Cyber Signals, highlighting a surge in cybercriminal activity around business email compromise (BEC), the common tactics employed by BEC operators, and how enterprises can defend against these attacks.
-
Bilateral 5G roaming agreements will push global losses to $8 billion by 2028
A new study from Juniper Research has found losses from global roaming fraud are anticipated to exceed $8 billion by 2028, driven by the increase in bilateral roaming agreements for data-intensive use cases over 5G networks. In turn, it predicts fraudulent data traffic will account for 80% of global operator roaming-based losses by 2024.
-
Meltwater Brings Powerful New Enterprise Suite to APAC
Meltwater, a global leader in media intelligence and data analytics, today announced the availability of Meltwater Enterprise Intelligence Suite, a comprehensive offering that promises vital insights and transformative impact to enterprise clients.
-
SenseTime Launches "SenseNova" Foundation Model Sets and AI Computing Systems, Advancing AGI Development
SenseTime hosted a Tech Day event, sharing their strategic plan for advancing AGI (Artificial General Intelligence) development through the combination of "foundation models + large-scale computing" systems. The leading AI software company is focused on creating a better AI-empowered future through innovation and committed to advancing the state of the art in AI research, developing scalable and affordable AI software platforms that benefit businesses, people and society as a whole.
-
Plans for further integration of IBM watsonx with AWS
IBM announced plans to expand its relationship with Amazon Web Services to help more mutual clients operationalize and derive value from generative artificial intelligence.
-
Outlook of generative AI for the enterprise market is exciting but lacks a clear corporate strategy
The democratization and acceleration of generative Artificial Intelligence (AI) originated in the business-to-consumer (B2C) market with the release of popular applications like ChatGPT and Stable Diffusion. But the B2C market will barely scratch the surface of generative AI’s potential economic value.
-
Mindful Employer Branding Key to Successful Staff, HR Recruitment
In modern society, building an inclusive employer brand should be considered mission critical for businesses large and small. The most successful companies are the ones that see challenges and opportunities from many different angles, and having a diverse employee population allows you to do just that. An inclusive employer brand lets you engage, recruit, and hire a wonderful spectrum of people who can bring their varied backgrounds to bear for your business. Simply put, building an inclusive employer brand brings a diverse set of experiences and perspectives to the table, which in turn allows your company to be smarter, more thoughtful, and ultimately more successful.
-
Alibaba Cloud unveils new AI Model to support enterprises' intelligence transformation
Alibaba Cloud, the digital technology and intelligence backbone of Alibaba Group unveiled its latest large language model, Tongyi Qianwen.
-
Technology and digitalization are key for sustainable lifestyle, research revealed
More than two-thirds (71%) of consumers think technology and digitalization are key in enabling them to live a more sustainable lifestyle, while over a third (33%) desire apps to provide clearer information on how to live sustainably across various aspects of life, according to an independent research report commissioned by Alibaba Group.
-
API Security Company Neosec acquired by Akamai Technologies
Akamai Technologies, Inc. announced entering into a definitive agreement to acquire Neosec, an API detection and response platform based on data and behavioral analytics.