Site icon Sophos News

Black Friday – stay safe before, during and after peak retail season

It’s three weeks until US Thanksgiving, which happens on the fourth Thursday of November.
As readers around the world now know, the day after Thanksgiving – the “bridge day” that many Americans take as a vacation day to create a long weekend – is popularly known as Black Friday.
To be clear, that’s black as in ink, a metaphor from the days when accountants wrote positive balances in black and negative amounts in red ink.
(To be “in the red” therefore meant to be in debt – still does, in fact, although it’s well before all our lifetimes that anyone actually dipped their quill in a pot of red ink to make the point.)
The day after Thanksgiving became known as Black Friday because it was a day on which so much retail trade was done that many retailers, in a good year at least, would make enough money to bring their annual trading accounts into the black, leaving them with the rest of the Christmas shopping season to make their profit for the year.
As a result, Black Friday is now synonymous with massive sales, huge discounts, and some amazingly good deals, notably on tech gadgets.
Unsurprisingly, however, it’s also a time to be alert for “deals” that are no such thing.
If you’re incautious in your zest to score a “bargain”, you might not only lose your money on an item that never shows up, but also get phished or scammed out of your credit card number, passwords or other personal information.

Grand Day In

Traditionally, Black Friday meant a day out, spent in retail stores – perhaps even a day including a spot of biffo as rival customers fisticuffed their way to the front in shops that had extreme bargains on offer.
But more and more of this seasonal buying has moved online over the years, and online Black Friday trading will be huge in 2020, especially in areas where coronavirus lockdowns mean that many stores can only take orders over the internet, even if you’re allowed to show up later to collect them.
Additionally, with Black Friday now popular not just in the US but all over the world, there’s no global Thursday thanksgiving holiday that ties Black Friday to a specific Friday, or even to a Friday at all.
So we now have retail sales billed with linguistically curious names such “Black Friday week” and even “Black Friday month”, with deals vigorously advertised before, during and and after the actual US Thanksgiving weekend.

What to do?

Every year, as you can imagine, Naked Security gets asked, “What should I do about this? Will I be more at risk online than at other times of the year? How can I take advantage of the many genuine bargains that show up, without getting suckered by fake offers and scammers?”
The bad news is that if you’re at risk of being scammed on Black Friday itself, then you’re at just as much risk on every other day of the year, and you need to do something about that.
But the good news is that anything you do to boost your cybersecurity because of Black Friday is worth doing anyway.
In other words, if the prospect of snapping up bargains in Black Friday sales is the impetus that makes you want to improve your cybersecurity situation, we think that’s great!
After all, cybercriminals don’t care whether they steal your credit card details or phish your email password on Black Friday, Green Saturday, Red Sunday, Mauve Monday or Taupe Tuesday.
Furthermore, the crooks aren’t going to wait until Black Friday itself to try to scam you, and they aren’t going to stop their criminality when Black Friday is done.
Having said that, Black Friday deals can look so competitive (in theory, at least) that many of us may be more willing, at this time of the year, to take risks buying via on-line merchants we’ve never heard of before.

Six tips for safety

Here are six tips to stay safe online, whether you’re shopping for bargains because it’s Black Friday season, or shopping online because that’s become an unavoidable part of your 2020 lifestyle.

To check up how much your browser is saving for convenience when you browse, look through the Settings or Preferences screens from the browser’s main menu. In Firefox, check Preferences > Privacy & Security > Forms and Autofill. In Chrome/Chromium, see Settings > Autofill. For Safari, go to Settings > Safari > Autofill. In Edge, look at Settings > Profiles > Payment info.

By the way, be especially careful with your email account, by choosing proper passwords and using 2FA if you can (see tip 6).
These days, many of you probably don’t make much use of email in your day-to-day life, preferring app-based instant messaging services instead, such as WhatsApp, WeChat, Instagram, Signal and Telegram.
But your email account is still likely to be the channel for password resets on many of your other accounts.
In other words, crooks who take over your email account can not only prey on your friends and family under cover of your identity, but also attempt “account resets” for many of the other online services you use.

Three simple sayings

Here are three simple sayings that you can repeat to yourself out loud, just to slow yourself down a bit before you commit to on-line transactions you might later regret:

And remember that if it seems too good to be true, it is too good to be true, so if you have a hunch that what you’re looking at is a scam, back yourself: it IS a scam!


Exit mobile version