A couple of weeks ago, Kilimall Black Friday sale grew by 300% this year, three times more compared to 2015. The online marketplace noted in its Black Friday report that sales from Black Friday shopping festival marked on November 25th grew by 300% from 2015.
This means Kenyans have grown into trusting online shopping and according to Kilimall Managing Director Robin Xie, 50% of the shoppers paid using online money transfer systems.
As the popularity of online shopping increases, so does the likelihood of falling foul of cybercrooks, not necessarily because they are putting in extra effort during the festive season, but simply because more of us are doing more online shopping at this time of the year, and we’re on the lookout for the hottest deals. Sophos recommends the following tips to help users focus on family, food and fun over Christmas, rather than dealing with the headache of stolen credit card details or important documents lost to ransomware.
Clean passwords before shopping, shoppers should not use the same password on more than one website. If the crooks get one password, they’ll immediately try it on all your other accounts. Passwords should be as long and complex; in fact, consider they should use a password manager, which will come up with a unique password for each website automatically.
Update devices- When patches come out, most of them fix security holes that the crooks either already know about or will find out about soon. Don’t put off security updates because “later will be fine”.
Back Up files- Whether one is taking his/her laptop on holiday, or staying at home with their faithful desktop this festive season, backing up precious documents on all devices is key. That way if files are lost, stolen, “reconfigured” by a teenaged “expert”, or, worst of all, held for extortion by ransomware, they can easily be recovered.
Watch out for booby-trapped ATMs – when shopping on the High Street. Watch out for modified ATMs when withdrawing money. Crooks often glue fake parts onto or around ATMs in the hope of covertly reading both your card data and your PIN.
Beware of login links in emails- With so many emails flying around over the Christmas shopping period, it’s a popular time for cybercrooks to use fake ‘phishing’ emails to trick you into handing over personal data. When an email urges you to click on a link to login to your account and change your password, or some similar sort of subterfuge, it’s probably crooks trying to trick you onto a fake site that will look exactly like the real thing, except that the crooks get your password, not the real website. If you want to check a transaction on one of your accounts, open your browser and browse to the website yourself.
Look for the padlock in the URL bar when shopping online. A padlock in the address bar and a URL that starts with “HTTPS” means the website uses an encrypted or secure connection. All major websites, not just financial institutions, use HTTPS these days, so if you see a site that’s asking for personal information but doesn’t have the padlock, you can be sure it’s a fake.
Watch out for bogus courier emails. At Christmas time, you may very well get products delivered to your home, so you’ll be expecting a visit from a courier company. Crooks know this and send fake emails about bogus delivery problems, hoping to draw you into their web. If you want to contact a courier company to check on a delivery, look up their phone number or email address yourself – don’t use any links or information from an email.
Don’t email your credit card details. Sometimes you’ll try to buy that special gift for Christmas, but your credit card won’t go through. In perfectly good faith, the seller may ask you to email through your card details to try again later. But that email could end up in the hands of cybercrooks, even if the seller handles it with care once they’ve received it. Remember: if in doubt, don’t give it out!
Turn off Flash on your devices. Want to do one single, simple thing to improve your security, now and forever? Turn off Flash, or uninstall it altogether if you can. Booby-trapped Flash files are still a popular way of spreading malware, and with fewer and fewer sites actually requiring Flash, it’s safer to do without it altogether.
Finally, make sure your computers at home are secure. Sophos Home is free and allows you to protect up to 10 Windows and Mac computers from malware, ransomware, phishing and more. You can have different settings for adults and kids, and the web filter lets you block ads. It’s an easy-to-use solution that takes minutes to download and get started. And remember, when 2017 comes around, all of these tips will still be valid. In other words, as much as we’re urging you not to let your computer security guard down over the Christmas season, we’re also encouraging you to keep your security guard up every day.