Consumers are already doing more of their holiday shopping online. Even so, Cyber Monday, the Monday after Thanksgiving, is expected to be the busiest online shopping day of the season as retailers roll out a number of specials to take advantage of that.
But be warned: scammers and hackers are gearing up for Cyber Monday as well and one expert says Cyber Monday may be the most dangerous day of the year when it comes to having your identity stolen.
“The best way to be secure on Cyber Monday? Yank the plug out,” said Bob Bunge, a cyber security specialist and engineering professor at DeVry University.
Christmas for scammers
While it's true that scammers run their “phishing” attacks all year long, Bunge and other security experts he consults with have seen the intensity level build since the start of the holiday shopping season, especially since so many retailers are jumping the gun on Black Friday and offering online deals now. But he expects activity to spike on Cyber Monday.
“The reason is consumers are expecting to get a bunch of screaming good offers from retailers they've done business with,” Bunge said. “It's the one day of the year that if Walmart says they'll sell you a TV for $10 you might be inclined to believe it. Only it isn't Walmart making the offer.”
Instead, it could be someone in another country hoping you will click on the link in their email, which could either send you to a bogus site and entice you into revealing sensitive information, or download nasty malware to your computer – or both.
Avoid wireless connections
Bunge offers a few tips for staying out of trouble on Cyber Monday – short of unplugging your computer for the day. First, he says, avoid making online purchases using a wireless connection.
“Especially avoid using wireless connections in a public space, like an airport or a coffee shop,” he said. “I was at a conference today where they had an open wi-fi connection for everyone to use. Well, that's great but it's not a place to do your shopping.”
Home networks are a bit safer, assuming you have good security on your connection. But even then Bunge says you are not completely safe, especially if you live in a high-density area where many of your neighbors can pick up your wireless network. If one of your neighbors happens to be a skilled hacker who can get past your security, you're vulnerable. Better, he says, to place your orders with a computer hard-wired to your network.
“All things being equal, wired beats wireless when it comes to the security of your connection,” Bunge said.
Another piece of advice – never click on a link in an email.
“If you like the way the URL looks, if it looks legit, then re-type it in the address window of your browser, don't click on it,” Bunge said. “The reason being, a hacker can type a legitimate web address, like www.amazon.com, in the email but make that link take you somewhere else.”
Make sure your software is up to date. Most software updates address security issues so consumers, where possible, should opt for automatic updates.
“Two of your major security issues are Java and Flash, which are third-party browser enhacements,” Bunge said. “And the reason they are security issues is because people don't update them. There are all kinds of known exploits against the older versions and if consumers aren't updating those packages, that's something attackers will exploit.”
At the same time, Bunge says consumers need to beware of bogus update prompts that try to get you to download malware or spyware. Always make sure you are getting your updates straight from the vendor's website.
A savvy online shopper will also try to limit their risks. One way to do that is to use only one credit card for online purchases.
“If something bad happens you only have one card that has been compromised,” he said.
Finally, consumers should keep their wits about them, be aware of the risks and remain skeptical of offers that sound too good to be true. Bunge says the most effective online scams are usually the simple ones – “You've won an iPad! Click here!”
While it may seem that the Internet has made the world a scarier place for consumers, Bunge says the world has always been pretty scary.
“The Internet hasn't changed human nature,” he said. “It's made it more convenient for liars to lie.”