As online shopping continues to grow in popularity, brands must respond and ramp up their cybersecurity measures to protect their online consumer base from cyberattacks.
Mimecast’s recent Brand Trust Report found that 79% of the respondents have received a phishing email in the past. While most are well-versed with spotting a suspicious email, over 46% of consumers admitted to being less cautious when it comes to opening an email from brands that they regularly use. This increases the chance of consumers falling victim to online impersonation attacks which emulate popular brands.
Shoppers need to be wary of phishing emails, which are particularly common during sale events such as Black Friday. These emails are predominantly used to run scams and steal personal or sensitive information by tricking the recipient into clicking on a malicious link or directing to a fake website.
In this article, I’ll walk you through some essential steps of avoiding online shopping scams.
Cyber hygiene practices to avoiding online shopping scams
Before embarking on an online shopping spree during this festive season, here are a few precautions consumers should take to mitigate the risks associated with phishing emails:
1. Awareness of display name spoofing: This is when attackers use a false name as the email sender, hiding a false email address. These are having a higher success rate as more people access emails from their mobile, where the email address is not always visible.
2. Secure doesn’t mean safe: HTTPS might mean that a website is secure, but it could still be malicious and it’s not enough to look for the padlock sign in the website address bar or expect your internet browser to warn you ahead of time.
3. Phishing scam links could be sent by attachments: Links inside documents may not always be picked up by virus scanners or sandbox technology that is built to find malware itself. Once opened, these links could then aim to steal sensitive information or launch attacks on your data centre.
4. Urgency: Beware of any messaging pressuring you into making quick purchasing decisions by clicking on a link for example. These types of methods are particularly prevalent during Black Friday and during the holiday season.
5. Beware of grammar and spelling: Some spoofed websites will have spelling or grammar errors in their copy, and they may also be using similar-looking characters to trick you into believing the website’s URL is real.
6. Navigate to the official website: If in any doubt always navigate to the official website of the brand you want to buy.
Why should brands care about investing in cybersecurity?
While it’s important for shoppers to take the necessary precautions when it comes to safeguarding themselves from online threats, brands must also seek to reduce the likelihood of such attacks happening.
The Mimecast research also found that 78% of the respondents believed that brands hold the primary responsibility for ensuring that their websites and emails are safe to use.
Moreover, around 57% of respondents agreed that they would stop purchasing from their favourite brand if they fell victim to a phishing attack involving that brand. Doubtlessly, there is an increased need for brands to protect themselves and reduce the likelihood of such attacks on their consumers.
Brands can now do this using Domain-based Message Authentication, Reporting and Conformance (DMARC), a technology that allows businesses with an online presence to detect and reject any unauthorised sender who attempts to use a brand’s email domain.
However, it should be noted that using DMARC alone may not be 100% effective since the range of threats retailers face online is broad and varied. This technology should therefore be used by organisations in tandem with other available cybersecurity tools to provide more comprehensive, layered protection such as technology that allows brands to scan and take down fake versions of their websites.
To protect their customers and ultimately their brand, organisations should ensure they are investing in strong cybersecurity solutions ahead of the busy holiday period.