This year many of us will be switching to buying presents and other seasonal goods online, thanks to the covid pandemic. But we want to pass on some top tips as it’s also a favourite time of year for scammers, who will be targeting businesses and Black Friday shoppers as the perfect targets for fraud.
We’ve got a lot on our minds at this time of year, with the added consideration of our loved ones’ health and wellbeing. Increased business and money uncertainties and a host of other distractions in the pandemic.
That’s why it’s so important to educate yourself and your colleagues to protect your finances when you’re online.
Shopping Online - make sure websites are authentic by carefully checking the address is spelt correctly. Ideally, type it in rather than clicking on a link in an email, text or post. It’s easy for scammers to set up fake websites that are very similar to the real thing.
HTTPS - When you’re paying, make sure the page is secure by checking that addresses begin with ‘HTTPS’ (‘s’ is for secure) and there’s a closed padlock in the address bar. This means that the page is secure, but the site could still be operated by fraudsters.
Passwords - At this time of year we’re all creating new accounts and we’re forced into thinking of even more passwords that our mind can remember. But when creating new accounts make sure you’re not repeating passwords you use for work accounts with your personal shopping.
💡Top Tip - Make sure you’re using a password manager, this will help store all your account passwords. With a password manager, you can protect every single one of your online accounts with a strong password.
Work Devices - When using your work devices don’t start shopping for gifts for your family and friends, keep the two separate. You want to minimise the risk so that if fraudsters did incept your passwords then they can’t gain access to your business accounts. Always make sure that if you are setting up new devices or using work devices that you’re updating them with the latest software updates and operating systems.
If you don’t have up to date policies which keep your employees accountable whilst working from home, we can help you with a Security Policy Review. Contact us to learn more.
Social Media - Many advertisements for items such as gifts, holidays and events on social media and online forums are genuine, but be aware that others are fraudulent. Be extra vigilant about checking that such ads are authentic.
Phishing - Christmas is a favourite time for scammers to send fraudulent emails, texts or DMs, or post fraudulent offers on social media. At this time of year, with the increase in internet shopping, fake parcel delivery notifications are more common. Watch out for emails and other messages featuring ‘special offers’ or ‘prizes’. Don’t click on links in emails, texts, invoices or posts that you’re not expecting, and don’t open unexpected email attachments in your personal or work inboxes.
📥 Have you spotted a suspicious email? If you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS) email@example.com.
Paying online - Don’t pay for anything by transferring money directly to a person or companies you don’t know. If an invoice or payment request doesn’t seem right then proceed with caution. If you’re selling items on an online marketplace, be aware of the warning signs that your buyer is a scammer. Scammers may have negative feedback history or may have recently set up a new account to avoid getting poor feedback. Don’t be persuaded into sending anything until you can verify you’ve received the payment.
Action Fraud announced in November that fake PayPal emails lead to nearly £8 million in losses in 2020. If you think that you’ve received a suspicious email, you can forward it to firstname.lastname@example.org, without changing the subject line. PayPal will let you know whether it is fraudulent.
Don’t forget to log out - Log out of the web page or app when you’ve completed payment online. Simply closing the tab in your browser may not log you out automatically.
Avoid ‘free’ or ‘low-cost’ trials - make sure you are reading the small print and check out trusted reviews. If you’re unsure use TrustPilot https://uk.trustpilot.com/. If you’re not careful you could find yourself signing up for large monthly direct debits which are very hard to cancel in the new year!
Learn more about keeping your business safe online, improve your cyber awareness and start your journey to becoming cyber resilient with our factsheets and advice.