Despite the negative impact the hard lockdown has had on South Africa’s economy, the annual Black Friday retail sales tradition is expected to remain popular this year. Instead of limiting sales specials for just one day, many retailers have taken to doing Black Friday for the entire month of November. But where there is money to be made, you can be certain that cybercriminals will be watching and looking for opportunities to exploit unsuspecting shoppers.
“The COVID-19 pandemic and resultant social distancing rules will see a predominantly online feel to Black Friday in South Africa. E-tailers are expected to capitalise on people staying at home and avoiding potentially large crowds at physical stores. With more than half of local shoppers who normally shop in store for Black Friday indicating they will not this year, the signs point to a surge in online shopping,” says Lehan van den Heever, Enterprise Cyber Security Advisor of Kaspersky in Africa.
Of course, this presents malicious users with more potential targets than ever to infect with malware, perpetrate identity theft, and steal credit card details. Cleverly-designed phishing scams that masquerade as discounts from popular brands have become almost indistinguishable from the real thing.
“Consumers must remain vigilant whether it is shopping for Black Friday specials or the upcoming festive season. As in previous years, fake sites will be a major source of concern as they become even more sophisticated than those that appeared in 2019. The most fundamental security tip any shopper must heed is that if something sounds too good to be true, it is. For example, 80% off on that smart TV is highly unlikely. Steep price reductions, especially in South Africa, should be a red flag,” van den Heever adds.
Other things to keep in mind include spelling mistakes in URLs for popular sites and unsecured links to online stores and checkout baskets. Fraudsters painstakingly recreate many of the popular e-tailers that will fool most people. When in doubt, always type in the Web address of your preferred store instead of clicking on an email or social media link.
“Furthermore, online shoppers must make their passwords to their shopping accounts long and difficult to guess. If the store has the option available, choose to activate multi-factor authentication. In this way, even if a hacker steals your password, the site will still require you to confirm a one-time pin set to your smartphone or tablet. Using a good password manager is vital. Even the answers to the typical security questions to reset passwords should be made up. In this way, hackers cannot use potentially sensitive information on your social media profiles. Store these made-up answers as an encrypted note in your password manager,” says van den Heever.
Ideally, any online shopper must sign out of their account when leaving the site especially if it is accessed from a public or work computer. Also, never use freely available Wi-Fi hotspots to do any online banking and shopping. Hackers use sophisticated tools to ‘sniff’ out passwords at coffee shops or restaurants.
“Caution and extra vigilance must become part of any online shopper’s repertoire. As hackers continue to exploit uncertainty around the pandemic, South Africans who want to participate in Black Friday must become more security conscious,” van den Heever concludes.