It’s the most wonderful time of the year! Well, almost! With Christmas just a matter of weeks away, millions of people worldwide have commenced their Christmas shopping and are preparing for the festive season. Whilst Christmas gives us the perfect excuse to splash out on gifts, there’s no doubt that we are all looking to bag ourselves some bargains, and Black Friday and Cyber Monday will certainly have you itching to whip out your credit card.
The hype surrounding Black Friday and Cyber Monday shopping deals has certainly intensified over the years, and shoppers both in store and online are queuing up to make the most of the special offers. But, before you start spending online, it’s important to know how to keep your online identity and information secure as opportunistic cybercriminals are poised to take advantage of insecure shoppers.
Findings from Centrify’s 2016 Online Shopping survey that polled 525 UK consumers and their online shopping habits and attitudes towards security, found that over 70 per cent of surveyed respondents will spend somewhere between £50-£1000 online shopping this Christmas. Whilst an equal number noted that security/privacy is always on their mind when shopping online, the statistics suggest the opposite, as consumers continue to make basic online security errors.
Password hygiene is a continuing problem with nearly 14 per cent admitting that they share passwords with friends and family so they can login to their accounts, whilst over 50 per cent said they save them to the retailer’s websites so as not to forget them. Over half also said that they only sometimes use different passwords for different retailer’s websites.
Passwords are not meant to be shared and should never be given out online, on the phone or even to friends or family! You should also not store passwords. Many browsers, programs or web applications will offer to store your password for you so you only have to enter the password once and never again. While seemingly a convenient option, it is a bad idea to store passwords associated with personal or financial accounts. This is especially true if you use public or shared computers.
Consumers should always use different, long, and complex passwords (or passphrases) for each site too. If you don’t, and a hacker steals your password for one account they will have free rein over the others! This would have devastating consequences on sites that have your personal and credit card information.
More disconcerting is that 1 in 8 of the surveyed respondents said they would accept discounts and special offers from retailers in exchange for their passwords, highlighting the risks consumers are willing to take in order to save money online. Shoppers should be suspicious of links to special offers in unsolicited emails and always type the link directly into their browser, never click on them within an email. Hovering over the links should also highlight if the link is unsafe, as you would notice the link underneath may be different to the text. And remember, deals that appear too good to be true often are, so treat them with even more caution.
Eighty-three per cent of those surveyed said they would sometimes, or never, check the security and privacy terms and conditions of the retailer, leaving them wide open to hacking and data theft if shopping with an unknown or untrusted retailer. You should always shop with reputable sellers, and be cautious when entering URLs. A misspelled domain, or non-‘https’ site could land you on a false site designed to steal your information. Ensuring you read the site’s privacy policy to understand how and where your personal information is being used is particularly important. A lack of an easily visible privacy policy should be a red flag to using that site.
On top of this, more than a fifth would still not ensure there is a secure padlock icon in the browser before making their purchases, and twenty-seven per cent said they would only do this on some occasions.
As online shopping becomes the norm, the convenience and popularity of the process means consumers must be increasingly aware of the risks, and ensure the experience remains safe and secure.
Additional points to remember:
If an online retailer requests extra personal information, such as a password for your email or bank account as part of the shopping process, do not enter them.
Secure mobile phones if you plan to use them for shopping by enabling security features such as passwords and encryption.
Enable multi-factor authentication where possible. This involves combining two or more different ‘factors’ for extra security when logging in – such as something an individual has (like an ATM card or smart card), something a user is (such as a biometric characteristic like a fingerprint or retina scan) or something the user knows, like a password.
Being proactive about protecting your online identity and data could be the difference between you making a saving or cybercriminals making a killing!
Read the full findings here.