Widely regarded as the official start to the Christmas shopping season, Black Friday and Cyber Monday are exciting because many retailers announce limited-time sales that promise huge savings to die-hard consumers. Not even the pandemic looks like it will dent consumers’ enthusiasm. In September 2020, for instance, Bloomberg shared research from Deloitte that holiday spending was expected to increase between 1% and 1.5% largely because of e-commerce shopping. Reuters wrote a month later that U.S. online spending during the holidays would likely increase by 33% to $189 billion due to a flood of early promotions from retailers.

In their fervor to save money and score big, however, some shoppers don’t take the necessary precautions to protect their personal and financial data. Attackers are well aware. They use various means to abuse this excitement and prey upon holiday shoppers.

The problem is that many people aren’t familiar with these types of attacks. Indeed, 60% of information security professionals told Tripwire in a Twitter poll in 2019 that they don’t think their non-infosec friends and family could spot an email scam. Even more than that (84%) said there’s not enough digital security awareness among the public around the holidays.

All of us at The State of Security want everyone to stay happy, safe and digitally secure for the holidays. Towards that end, let’s discuss some digital threats that shoppers need to watch out for on Black Friday and Cyber Monday. We’ll also highlight some security best practices that consumers can use for the holiday shopping season.

1. Phishing Attacks

In a phishing attack, a bad actor tries to trick you into doing something you wouldn’t ordinarily do like clicking on a suspicious link for a Black Friday or Cyber Monday sales deal. Phishing links commonly lead to fake login pages (Read more...)