Be Black Friday smart, not hacked

Be Black Friday Smart

In 2019, the queue to get a hot TV deal was outside the doors of the shops. People pressed against one another in a bid to snag that offer and head on home with the perfect Christmas gift.

In 2020, the dynamic has changed. Retailers are implementing online specials and discounts that are running for most of the month because close quarter queues are not best practice in the era of Covid-19.

Successful retailers are adopting online campaigns and strategies that are designed to get as many hot deals into customer hands as possible, without the queues. However, this method introduces its own set of challenges, says Henk Olivier, MD of Ozone Information Technology Distribution.

“The biggest difference between Black Friday shopping in 2019 and 2020 is the virus that people pay attention to,” he says. “Everybody is talking about the pandemic, everybody is tired of talking about the pandemic, but they know that the reason they can’t sit in tight queues is because they will put themselves at physical risk. But there are other viruses that people need to be worried about, and these all sit online.”

Olivier believes that a significant percentage of people who are now moving to do their shopping online are not aware of the risks. They don’t realise how their personal details will be used by retail outlets in the future, or how they can be conned into handing out their bank details to a fake retailer, or how they’ve just managed to download ransomware onto their computer. As Black Friday approaches, many deals will only be online because some retailers are making effort to be safe and responsive to Covid-19, so now is the time to recognise the risks and make sure that online shopping is managed just as securely.

“From a business perspective, retailers will have to ensure that their eCommerce platforms are secure and compliant with regulations around online payments,” says Olivier. “There are still plenty of fly-by-night companies that will set up eCommerce sites without security or compliance strictures in place, and that will put consumer information and bank accounts at risk. Consumers need to be aware of this and they need to ensure that any transaction they do on any website has a trusted security certificate and uses certified payment methods with 3D secure and PIN verification.”

These security measures have to be applied internally as well. Because so many people are working from home in the pandemic, they’re doing their online shopping on office computers, using office email addresses and logins. This is a fairly common risk that also happened pre-remote working, because people don’t realise that they’re putting their company at risk when they use their official information to access a website. This means that there has to be a company policy that covers exactly what constitutes good online behaviour overall, and when shopping online.

“Create an IT policy that clearly outlines what employees can and cannot do with their logins and office equipment,” says Olivier. “If they use their own equipment, ensure that they understand the risks of online shopping and know how to protect their network from a virus infection, malware or a data breach. Also send out an email that warns people of the risks of online shopping and details some of the most common ways in which they can fall prey to phishing or malware.”

This policy should also include password hygiene and online best practice. Too many people still use pet names, 12345 or qwerty as their passwords. Too many people don’t realise that a simple hack will potentially lose them their identity or their money.

“In addition to an accessible and visible policy, and training around best practice for passwords and risks, give people some insight into what they can expect out there on Black Friday,” says Olivier. “Start out with the adage – if it looks too good to be true, it probably is. That PlayStation 5 for R4,000 – is it on a real website, or a fake one designed to look like a specific retailer? Check the URL, check the security certificate. Is the email telling you about the special asking you for any personal information? Are you being asked to log in? Avoid these warning signs like the plague.”

Don’t use the same password on sites, if one is compromised your login will be freely available to the world. Use a product like Keeper Security to keep your passwords safe, and to create complex passwords that are hard to hack. It’s also important to be careful of clicking on any links that come in an email as a special offer – check the email address, if it can’t be viewed, then it’s likely risky. The same applies to links in emails – hover over the link and see what URL is being used. Fake links will have dodgy URLs that are clearly sending you to the wrong place.

“Don’t give out your credit card details or PIN over the phone, and be aware of anything that makes you feel concerned – fake emails and websites don’t use dodgy language anymore, so anyone can be fooled,” concludes Olivier. “Invest into solutions like Keeper Security or Kerio Control that protect your systems from within, and without. These tools are designed to track and filter internet traffic, identify red flags, protect passwords, and ensure robust security on any system. They will also provide a first and last line of defence against the viruses that can be caught by people sitting in online queues this Black Friday.”

As seen on IT-ONLINE