Contents:
Sales season is upon us, which means hackers are having a field day stealing confidential financial information and using it for nefarious purposes. Whether you’re a retailer, a business owner, or a consumer, it is your responsibility to stay safe while Cyber Monday shopping sprees are unfolding left and right.
In this article, I will discuss a few statistics on Cyber Monday and how trends surrounding it has developed in the context of the Coronavirus pandemic. As for the actionable advice, there’s a section for everyone in the following lines. Therefore, if you own a shop or any other type of business, or if you’re planning to spend your money on discounted goods these days, then keep on reading.
Statistics on Cyber Monday Shopping
Contrary to common belief, Black Friday is not the most prolific shopping day of the year, Cyber Monday is. As per the findings of an Adobe Analytics report, the day’s sales hit a whopping $9.4 billion in 2019, a 19% increase from 2018’s $7.9 billion. Numbers exceeded transactions made on both Black Friday and Amazon Prime Day, which amounted to $7.4 billion and $4.2 billion respectively.
What is more, e-commerce on mobile devices grew by 46% from 2018 to 2019, accounting for 33% of all the Cyber Monday sales of the year. As stated by a survey pooling data gathered by product review website MuchNeeded,
- 3% of all purchases were made from smartphones.
- 1% of all purchases were made from a tablet.
- Tablet users spent an average of $131 per order.
- Smartphone users spent an average of $114 per order.
At the peak of the online shopping craze in 2019, consumers spent $11 million every minute more or less. Widely purchased products include toys, video games, and smart devices. As 2020 sees more and more people working from home and spending most of their time indoors, Cyber Monday is projected to become the year’s most (and potentially only) relevant retail holiday. In the next section, I will briefly discuss Cyber Monday shopping in the current context of the pandemic.
Cyber Monday Shopping during the COVID-19 Pandemic
With 2019 marking a strong increase in popularity for online shopping, the trend towards accessible purchasing has done nothing but ascend in 2020 as well. The stay-at-home orders and lockdowns brought along by the COVID-19 pandemic only exacerbated this already natural tendency. According to statistics published by Statista in November 2020,
Retail platforms have undergone an unprecedented global traffic increase between January 2019 and June 2020, surpassing even holiday season traffic peaks. Overall, retail websites generated almost 22 billion visits in June 2020, up from 16.07 billion global visits in January 2020. This is of course due to the global coronavirus pandemic which has forced millions of people to stay at home in order to stop the spread of the virus. Due to many shelter at home orders and a desire to avoid crowded stores in places where it is possible to shop, consumers have turned to the internet to procure everyday items such as groceries or toilet paper.
Needless to say, this is projected to carry on well into the year’s longest and most productive sales weekend. Although the current global crisis will most likely see people spend a little less and retailers discount a little more this year, BlackFriday.com predicted that Cyber Monday e-commerce purchases will hit $10 billion in 2020.
What is more, a Google consumer insights report released in July 2020 has shown that 75% of U.S. shoppers were planning to shop more online. This means that, as more and more people choose to sit the traditionally in-store Black Friday out this year, an increasing amount of orders will be placed online on Cyber Monday.
How to Secure Your Company’s Assets on Cyber Monday
As the holidays boost traffic to online retail websites, it is your responsibility as a business owner to remain vigilant and ensure that both your company’s data and that of your clients is secure. AT&T Vice President for Retail Michael Colaneri has stated for Bloomberg in 2018 that every single digital transaction made on Cyber Monday constitutes an opportunity for cybercriminals. Here’s how you can prevent that from happening to you in 2020.
Retail Cybersecurity Tips for Cyber Monday
#1 Keep an Eye Out for Scammers Impersonating Your Brand
Creating deceitful websites that mimic the branding of popular retailers is the oldest trick in the opportunistic Cyber Monday scammer’s book. Are you the owner of a large-scale national or international store? Then your client base is a prime target for fraudsters.
Smaller businesses aren’t safe either, as they tend to have a loyal customer list that shows massive support during sales season. For this reason, you need to be on the constant lookout for pages impersonating your enterprise. Don’t wait until the influx of shoppers coming in on Monday starts reporting these cons to you. Stay one step ahead of hackers by doing constant research.
Scour social media and SERPs for suspicious activity, then isolate fraud attempts and pursue appropriate legal action against them. This is something that you should ideally do all year round, but it is particularly important on Cyber Monday.
My advice is to integrate this practice into the workflow of your IT and security department. If you have the budget for it, you can go as far as to recruit a designated person to handle this process or create a task force-type team for it.
#2 Inform Your Client Base of the Risks That Come with Sales Season
Preventing fraud is as much your responsibility as it is your client base’s. However, you need to consider that the average consumer might not be familiar with all the scams out there. Therefore, I recommend that you keep your customers in the loop concerning the common risks associated with sales season.
If your retail website has a blog section, writing an informative article (much like I did with this one, wink) is always a good idea. Or, if your emails have a high open-rate, you can also send out a newsletter that briefly explains what dangers lurk in the shadows on Cyber Monday.
My recommendation is to do both if possible. That way, you have the option to keep the newsletter short and sweet, then link your blog post for more details. This will not only better educate your clients, but it will boost your site traffic and engagement as well.
#3 Protect Your Network’s Perimeter and Endpoints
Protecting your business from scammers starts at the level of the online network perimeter. This is why network cybersecurity should be your top priority during sales season, and all-year-round for that matter). Implementing a solution such as Heimdal Security’s Heimdal™ Threat Prevention Network , an efficient intrusion prevention system (IPS), can actively help you with that.
However, to attain complete asset security, you must first look beyond conventional online perimeter security and lock down your other endpoints as well. This is accomplished by thoroughly monitoring your systems for connection attempts that are coming from outside your corporate infrastructure. This is exactly what our core offering of Heimdal™ Threat Prevention can do for you with its advanced DNS traffic filtering.
Heimdal® DNS Security Solution
- Machine learning powered scans for all incoming online traffic;
- Stops data breaches before sensitive info can be exposed to the outside;
- Advanced DNS, HTTP and HTTPS filtering for all your endpoints;
- Protection against data leakage, APTs, ransomware and exploits;
Through proprietary DarkLayer Guard™ and VectorN Detection technology, Heimdal™ Threat Prevention achieves state-of-the-art two-way traffic filtering at the level of the Domain Name System. In this way, your business is shielded against malware, man-in-the-middle attacks, zero-day exploits, denial of service attacks, and other online dangers that hide in plain sight during Cyber Monday.
Furthermore, the integrated Heimdal Patch & Asset Management automatic software updater ensures that system vulnerabilities are patched, expertly closing security gaps in your network. By using Heimdal Threat Prevention and Heimdal™ Threat Prevention Network together, you will ensure not only the digital safety of your business but that of your customers as well.
Not a Retailer? Your Business Might Still Be Targeted
The vast majority of Cyber Monday shopping scams target retailers, for obvious reasons. Nevertheless, your company might still be affected by the 63% malware spike that comes with the year’s largest online shopping weekend. Some of your employees will definitely take advantage of the sales and do a bit of shopping on your corporate network, either by connecting their mobile devices to it or ordering directly from their work computers while on a break.
Therefore, you must boost your digital defenses for Cyber Monday in 2020. On top of the classic network and endpoint protection measures I mentioned above, I recommend practicing the principle of least privilege. This means that every member of your staff will only have the minimum access rights necessary for them to successfully complete their daily tasks.
In this way, if and when a user account becomes compromised, the damage will be limited to it and won’t spread to your entire network. However, implementing privileged access management in your company network also implies that your IT administrator will have a tough time approving or declining rights escalation requests for various purposes. This is where Heimdal™ Privileged Access Management comes in.
Heimdal® Privileged Access Management
- Automate the elevation of admin rights on request;
- Approve or reject escalations with one click;
- Provide a full audit trail into user behavior;
- Automatically de-escalate on infection;
Heimdal™ Privileged Access Management allows your network admin to easily handle all incoming requests in a unified and accessible platform, strengthening your endpoint security in the process. A truly innovative access governance cybersecurity solution, it is the only PAM solution on the market that automatically de-escalates requests when malicious activity is detected in your system.
The Consumer’s Cyber Monday Shopping Checklist
As previously mentioned, consumers are the primary targets in Cyber Monday shopping scams. Therefore, it is your responsibility as a customer to educate yourself on security practices. The checklist below will help you take all the necessary precautions on the year’s biggest bargain day and spend your money safely.
Are you a business owner reading this article? Don’t hurry to close the article just yet. Use these tips for your Cyber Monday security newsletter, or share them with your employees so that they use company resources wisely. Let’s begin.
❒ Stick to Retailers You Know
When it comes to Cyber Monday shopping, the number one piece of advice I have to offer is to spend your hard-earned cash with retailers you know and trust. Reputable stores are not only better protected but also have strong refund policies in place that cover cyberattack victims among other cases.
When visiting a website that you want to shop at, make sure to check its link thoroughly. The smallest typo can redirect you to a malicious scam page claiming to be the online store you love. Placing an order there will give hackers access to your banking information and personal data, which they can then use for operations such as account takeover fraud.
❒ Check Reviews for New Stores
Do you have your heart set on something sold by a relatively new or unknown store? Are its Cyber Monday discounts too good to pass up? Not being familiar with a website doesn’t automatically mean it’s dangerous to shop there. However, you should always do your research in situations such as these.
Online reviews on Facebook, Google, or Yelp are a good place to start. Thanks to the Internet, people who get scammed aren’t afraid to shout it from the digital rooftops. So, if a place is suspicious, this is the first place where the truth comes out. Still, I recommend that you take these opinions with a grain of salt. Glowing evaluations across the board can be a sign of paid reviewers.
❒ Too Good to Be True? Scroll Past
You wake up and check your social media accounts on Cyber Monday morning. What do you see? Extravagant deals? Larger than life discounts? If it sounds too good to be true, then it probably is, and my recommendation is to scroll right past it.
On the authority of a report published by the Federal Trade Commission (FTC) in October 2020, social media scams have tripled over the last year. What is more, 94% of the complaints identifying a specific platform pointed towards Facebook and Instagram, two of the most popular apps of the decade.
❒ Create Strong Passwords
A strong password that contains both uppercase and lowercase letters, as well as alphanumeric characters, is your first line of defense against scammers this Cyber Monday (and in general). Multi-factor authentication, together with a frequent change up of your credentials is the simplest way to stay safe while shopping online. Avoid making these common password mistakes and you’ll be golden.
❒ Patch Your Software Regularly
Unpatched applications create vulnerabilities that allow fraudsters to steal your precious financial information. Heimdal™ Threat Prevention Home automatically installs the latest software updates as soon as they’re released, closing 85% of the security gaps in your system.
Heimdal™ Threat Prevention Home detects cybercriminals trying to steal your card number and security code, then stops them in their tracks before they have a chance to carry out the operation. By doing so, Heimdal Security ensures that you can shop online safely on Cyber Monday, as well as during the rest of the year.
❒ Use a Strong Antivirus Solution
What about the system vulnerabilities that aren’t fixed by software patches? Here is where a strong antivirus solution comes in. My recommendation is to use a next-generation antivirus such as Heimdal™ Next-Gen Antivirus Home in tandem with Heimdal™ Threat Prevention Home. In this way, you can achieve complete prevention against data breaches, malware, and other APTs at home.
❒ Pay with Your Credit Card
If you own a credit card, Cyber Monday is the time to use it. A credit card allows you to shop online as securely as possible because it doesn’t give retailers direct access to the funds in your account. What is more, it has a $0 liability clause for fraud, which means that you won’t be made responsible for duplicitous activities conducted with your data.
❒ Check Your Bank Statements
Not a fan of credit cards? If you must use your debit card on Cyber Monday, make sure to check your bank statement periodically after shopping. If a cybercriminal managed to gain unlawful access into your bank account, discovering the breach is a time-sensitive affair. The longer it goes unnoticed, the more damage they can inflict to your finances.
❒ Don’t Shop on Public Wi-Fi
This should go without saying, but just to drive the point home, never shop online while connected to a public Wi-Fi network. Connections that are not password protected and properly encrypted can easily be intercepted by malicious third parties. That person staring you down while you log into your e-commerce account? Might be a hacker. Better to be safe than sorry.
❒ And If You Do, Use a VPN
Let’s be honest, browsing through online shops on public Wi-Fi can be necessary sometimes. Maybe your Internet is down that day and you ran out of traffic on your mobile data package. Maybe you’re in transit and can’t make it home in time for the sale you’ve been waiting for all year. These things happen.
Therefore, if you must place orders using an unencrypted connection this Cyber Monday, my recommendation is to use a virtual private network. A VPN creates an encoded passageway between your computer and the server, which means that your session won’t be easy to intercept. When used together with Heimdal’s suite of solutions, it becomes the ultimate privacy and security combo.
To Conclude…
Cyber Monday brings many discounts that are too good to pass up. However, it also comes with many associated risks as well in terms of data security. Regardless of what category you fit into (retailers, business owners, or customers), I strongly advise that you take the tips above into account and do your best to stay safe this year. Happy shopping!
Alina Georgiana Petcu is a Product Marketing Manager within Heimdal™ Security and her main interest lies in institutional cybersecurity. In her spare time, Alina is also an avid malware historian who loves nothing more than to untangle the intricate narratives behind the world's most infamous cyberattacks.
