In the single biggest U.S e-commerce day ever, Cyber Monday kicked off what promises to be a record season of online holiday shopping.
But with more shoppers online, at least for the foreseeable future, comes an increased need for cybersecurity.
“Cybercriminals are ready for the holiday season, and they expect to have an extremely profitable year in 2020,” said Paul Tucker, BOK Financial® chief information security officer.
“This year’s holiday shopping season will see more opportunities for consumer abuse, primarily due to the increase in online shopping due to the pandemic,” he said, adding that retailers’ e-commerce websites will likely be the cybercriminals’ primary targets.
Online sales reached a staggering $10.8 billion on Cyber Monday, Nov. 30, up 15.1% from just a year ago, setting a record for the largest U.S. online shopping day ever, according to Adobe Analytics. To avoid crowded stores during the pandemic, and to pass idle time spent at home, shoppers opted to fill virtual shopping carts.
Adobe Analytics compared data from some top retailers and found some interesting Cyber Monday shopping trends:
- The number of orders picked up curbside was up 30% from a year ago, as shoppers sought out ways to safely retrieve their items bought online that same day.
- Thirty-seven percent of digital sales on Cyber Monday were made on mobile devices.
- During the final hours of Cyber Monday, from 7 to 11 p.m. Pacific time, consumers spent $2.7 billion, accounting for 25% of the day’s revenue.
Threats to spoil your holidays
As retailers plan new campaigns to entice online shoppers, cybercriminals are crafting new attacks and methods by utilizing phishing pages for banks, online stores and social networks. What do they want? Your personal or company online credentials, Tucker said.
Your mobile phone is also a target. “In previous years, cybercriminals developed malicious applications that promised online coupons,” he said. “Fake websites will try to steal your credentials for sites like Amazon and your bank.”
Phishing attacks typically reach a crescendo between Dec. 15 and 21, Tucker said. And companies will continue to see ransomware attacks over the holiday season due to employees shopping on their company computers.
Tucker offered 10 tips for safely shopping online:
- Monitor your online statements for your debit and credit cards to watch for anything out of the ordinary.
- Consider using credit cards since they may have more consumer protections.
- Think before you click. Resist clicking on unsolicited links for holiday savings. Instead, type the website directly from your browser. This will help validate if it is the real website.
- Avoid free public WiFi while you shop in stores. Spend a few more dollars and use your LTE or 5G services when in public, especially during this time.
- Person-to-person mobile apps such as Zelle, Venmo and CashApp provide immediate payment, but it make it extremely difficult for financial institutions to recover funds if fraud is suspected.
- Lock down your login. Utilize multi-factor authentication for additional protection.
- Be cautious about using your company’s computer to shop online. You may unwittingly cause harm to your company’s network.
- Watch out for fake shopping apps. Only install mobile apps from reputable sites such as Apple’s App Store or Android’s Google Play store.
- Shop with reputable retailers and vet new-to-you businesses to ensure legitimacy.
- If you have been scammed by cybercriminals, report it to the FBI’s Internet Crime Complaint Center.