Comment: Why Black Friday and Cyber Monday may not be the real deal

Professor John Clark, from the University of Sheffield's Department of Computer Science, outlines how to stay safe from online fraud this Black Friday.

Why Black Friday and Cyber Monday may not be the real deal

By Professor John Clark, 29 November 2019

Man shopping online

Black Friday and Cyber Monday are upon us and since many traditional retailers also have online presence the distinction between the two is now blurred. There will be significant discounts online around this time, but not everything may be the real deal. 

UK shoppers are prepared to spend vast amounts of money at this time and the fraudsters have every intention of getting their hands on some of it. Make sure it isn't your money.

The price of shopping freedom is eternal vigilance. Here are some points to help you stay safe online at this time.

1) Beware phishing and happy link clicking.

You will get many emails suggesting great deals to be had and providing discount codes. These emails often have links in them, don't click on any links in such emails. Instead, if you are interested in what is proposed then navigate to the retailer's site independently via your browser and then supply any provided codes when requested. Don't open any attachments in such emails - malicious attachments are a classic way to compromise your computer system.

2) Check the websites you’re visiting are secure.

Look for the 'padlock' appearing next to the visited site's web address in your browser. Don't provide financial or other personal information unless you see this. You can often click on the padlock to get further information.

It’s also important to be wary of public wifi as it’s usually unencrypted, so your communications via it, such as downloads and emails, are visible.

3) Enable two-factor authentication where possible.

You are in a better position if you have set up accounts with established retailers, a lot of them offer two-factor authentication. Here, you will typically be sent a code to your mobile phone to complete logging in or to complete a transaction, which significantly improves security. A scammer would need to have your password and your phone to compromise your account. However, you typically have to opt into two-factor authentication via your account settings.

4) Monitor your financial accounts.

Over the festive period you would do well to check your accounts for unexpected transactions. If anything looks dodgy, contact your bank.

5) Make sure you devices are secure.

Keeping your devices up to date lessens the chance of having them compromised, most updates include fixes for recently discovered security problems.

Use passwords that will be difficult for a scammer to obtain and don’t use the same password for different sites - you might be surprised at just how guessable many account passwords are.