New figures from GCHQ’s National Cyber Security Centre (NCSC) and Action Fraud have revealed rising losses to online scammers during the festive shopping season.
Clothing, high-end tech products and even cars were among the products featured in 16,000 reports of online shopping fraud scams between November 2023 and January 2024, with shoppers reportedly losing £11.5m between – an average of £695 per victim – up from £10.6m the previous year.
As Black Friday and Cyber Monday mark the beginning of the Christmas shopping season, with retailers offering substantial deals both in-store and online, shoppers are being urged to protect themselves by setting up 2-step verification to protect their online accounts. But what can businesses do to help prevent customers falling victim to cyber scams and attack?
6 steps businesses can take to protect customers from cyber threat
Use HTTPS: Ensure your website uses HTTPS to encrypt data exchanged between your customers and your platform. This helps protect sensitive information like login credentials and payments details from being intercepted.
Educate employees and customers: Inform your customers and employees about common cyber threats such as phishing and how to recognise suspicious emails or messages. Encourage them to verify the authenticity of communications that mimic legitimate sources before clicking on links or providing personal information. You can also provide secure shopping tips such as checking for the padlock icon in the browser, avoiding public Wi-Fi for transactions, and using strong, unique passwords.
Implement strong authentication: Use multi-factor authentication (MFA) to add an extra layer of security for customer accounts. This makes it harder for attackers to gain unauthorised access even if they obtain login credentials.
Secure and monitor payment gateways: Ensure that your payment gateways are up-to-date with the latest security patches and comply with Payment Card Industry Data Security Standards (PCI DSS). This helps protect customer payment information from being stolen.
Monitor for suspicious activity and bots: Continuously monitor your website for unusual activity, such as spikes in traffic or login attempts, which could indicate a cyber attack. Use tools like Web Application Firewalls (WAFs) to filter and block malicious traffic and anti-bot solutions to detect and block automated attacks.
Regularly update software: Keep all software, including plugins and web applications, updated with the latest security to close any vulnerabilities in your systems attackers might exploit
Shoppers are also encouraged to be vigilant against social engineering tactics that push them to act quickly without thinking. Criminals often create false urgency by using limited-time offers or promoting items that seem scarce or not widely available which is a tell-tale sign of a scam.
Black Friday and Cyber Monday are a prime time for cybercriminals to exploit shoppers looking for a Christmas bargain and these scammers are using increasingly sophisticated methods, which are becoming harder to detect.
By implementing these measures, businesses can create a safer online shopping environment and help protect their customers from cyber threats during the busy holiday sales period.
For cyber security advice and guidance for your organisation, please call 0808 144 5575 or email help@armstrongwatson.co.uk.
