Black Friday and Cyber Monday a boon for shoppers – but also for hackers

Following on the heels of Black Friday, today is Cyber Monday – one of the busiest e-commerce days of the year. Originating in 2005, it is widely publicized as a day on which online retailers offer exceptional discounts.

Although Black Friday is associated with the traditional, brick-and-mortar shopping experience, and Cyber Monday is touted as the online counterpart, the distinction between the two has blurred in recent years. While more than a third of Americans said they planned to mark Black Friday the traditional way – braving the crowds in pursuit of door buster deals -- many others chose to stay in their pajamas on Friday morning and seek out bargains online.

Indeed, more than one third of Black Friday sales this year came from smartphones, according to Tech Crunch.

Convenient? Absolutely. Secure? Not always. Cybersecurity experts have continued to warn that online shopping presents risks. Credit card information can be intercepted and stolen; personally identifiable information (PII) can likewise be harvested and used for criminal purposes. Earlier this month, RiskIQ released a blacklist of 6,500 malcious or fraudulent mobile apps that aim to hoodwink consumers, often through purported association with major retailers.

In the same report, RiskIQ noted 89,837 instances of credit-card skimming carried out using software associated with the MageCart skimmer group.

Threats of this nature shouldn’t deter consumers from going online to shop, but common-sense precautions are in order, according to cybersecurity professors at Capitol Technology University.

 Dr. William Butler, chair of the cybersecurity program, urges shoppers to resist the temptation of storing credit card information on websites. While it’s a time-saver, it’s also a known vector for data theft. “This is where many online services are getting compromised during the breaches,” Butler says.

He also recommends using a credit card that has a good dispute resolution process. “Some shoppers have a card that they use specifically for online shopping, so that if there’s a dispute on the charge, they don’t have to go through a lot of rigmarole.”

Rick Hansen, a professor in the program, reminds shoppers to always look for the lock icon that signifies a secure site. “It ensures that you’re on a site that has secure transmissions. If you’ve never been there before, or if it looks sketchy, you can click on the lock and find out more about the connection,” Hansen says.

Also important: never click on links in an e-mail unless you are sure it is coming from a legitimate source.

“Most of the time you can hover over the links and see what URLs they actually go to. Say you get an e-mail that looks like it’s telling you about a special offer on Amazon. Don’t necessarily assume it’s really from Amazon – check the identity of the sender. You can do this, on many e-mail clients, with a right mouse click,” Hansen advises.

“Sometimes you’ll get sent a link that’s tagged 'Amazon.com' but when you investigate the link, you see that it’s actually going to Bob’s Towing.”

Whether you prefer to shop online retail, hit the stores, or mix 'em up with the perfect combination of both, we wish you a happy and safe holiday shopping season. Interested in learning more about the cybersecurity field and the programs available at Capitol? Contact Dr. William Butler, program chair, at whbutler (@) captechu.edu.