Black Friday: Cyber security expert warns shoppers to be vigilant

CYBER criminals will be looking to exploit shoppers during the Black Friday and Cyber Monday sales – an expert from cyber security firm CSS Assure has warned.

With UK consumers planning to spend an estimated £5.6bn on Black Friday (24 November) and Cyber Monday (27 November) purchases this year, Charlotte Riley, director of information security at technology at CSS Assure, said bargain hunters lowering their guards during the rush to bag the best deals are at greater risk of malicious threats.

Charlotte said: “In the run-up to and during Black Friday and Cyber Monday, many outlets will run promotional offers to encourage spending. This is a potentially lucrative time of year for cyber criminals as they know shoppers are less vigilant as they rush to snap up the best deals.

“Cyber criminals will no doubt be looking to take advantage of the vast amount of transactions taking place and the financial information being shared as a result. There is also an increase in promotional email traffic, which makes it hard to differentiate the real bargains from scams – presenting a heightened risk of phishing attacks.

“With this in mind, it is important consumers take steps to protect themselves and their families during two of the biggest shopping days of the year.”

Password management

“Firstly, shoppers should think about the last time they changed their passwords, especially on important accounts. If their passwords are dated then strongly consider changing them, and, if possible, use a password management solution to ensure they are unique and appropriately complex.

“While this is a faff, it is the single greatest defence you can make to protect yourself against a cyber attack and will instantly make you much safer online. Adding an extra layer of security like two-factor authentication can prevent unauthorised access even if someone gets hold of your password.

“Currently, there are millions of emails and passwords for sale on the dark web, which have been breached by companies that have not protected people’s personal data sufficiently. Cyber criminals can buy this data for minimal amounts of money and gain access to your emails.

“They will look for social media accounts and online high street accounts and test your combination to gain access. From this, they can gather more personal data until they have enough to conduct identity theft, which could result in credit being taken out in your name or using your saved payment cards to make online purchases, for example.”

Personal data breach identification

“It is a good idea to understand whether your data has been breached so you can put in place other necessary measures to protect yourself. To do this you can use a free service provided by Have I Been Pwned. All you need to do is enter your email address and the site will tell you whether it is associated with a breach and if so, what other data has been stolen.

“If you have been breached, it is even more important that you change your password to break the chain. Next, you need to understand whether you have been entered into any spambots – as the name suggests, these are bots that send spam to you.

“While some spam is laughable, others are highly credible. If you’re rushing, there’s a higher change you will click a link in a spam email, which could execute malware or ransomware on your device.

“A blended strategy is best for rectifying and avoiding your exposure to spam – and, in turn, the chances of clicking on a malicious link.

“Start by enabling and customising your email provider’s spam filters to automatically detect and redirect suspicious emails to the spam folder. These settings – as well as your security and privacy options – should also be regularly reviewed or adjusted. Unsubscribe from unwanted newsletters or promotional emails, and make spam emails as junk within your email platform.

“Some email services offer the option to create disposable or temporary email addresses for specific purposes. This way if the address gets compromised or spammed, you can easily discard it without affecting your primary email. You should also be cautious about sharing your email address on public forums, social media, or unfamiliar websites to minimise exposure to potential spammers.

“While these may seem to be arduous tasks, they are effective and vital ways to protect yourself.”

Check your anti-virus protection

“Finally, make sure your anti-virus protection is installed, activated with a valid licence and updated. While free anti-virus software is available, in life you get what you pay for and it may not protect you sufficiently. Competition to provide the best anti-virus changes year on year between the main vendors as they achieve technology breakthroughs in response to the evolution in cyber threats.

“The best thing to do is check reputable tech websites for reviews of the best current anti-virus software. We recommend buying a one-year licence, and then when it comes to renew, assess which company has moved to the forefront of anti-malware protection. There will always be new customer deals to be had.”

Grab the bargain! Make the most of early Cyber Monday deals

Shoppers looking for a bargain are being advised to make the most of Cyber Monday deals with tips on how to make the most of the event:

Anxious Brits who are worried about Christmas spending costs are being advised to start shopping early to make the most of early sales this November.

The frugal team at NetVoucherCodes.co.uk have revealed 10 top tips for shoppers to follow to help them grab the best deals and spare the extra cash.

With the biggest sales event of the year soon approaching, shoppers are being advised to browse carefully and plan early to secure the best bargains available.

As the cost-of-living crisis deepens this winter, a large number of retailers have launched special discount events from the start of November to help people grab the best deals throughout the entire month.

Many of these deals are taking place online due to changing shopping habits, with eager shoppers being encouraged to start early to avoid lengthy online queues and gain early access to the top deals.

Making accounts before the discounts go live and setting up your banking details before the discount event are just some of the savvy tips shoppers can follow to make the most out of the seasonal offers.

Rebecca Bebbington, online consumer expert at NetVoucherCodes.co.uk said: “With the cost-of-living crisis deepening this winter, many are worried about the costs of the festive spending period.

“We’re advising people to start shopping as early as possible – Black Friday and Cyber Monday are great opportunities to grab a bargain and save on buying Christmas gifts by shopping in advance.

“Using simple shopping tactics such as having a plan in place on what you want to buy and keeping an eye out for special deals on social media can help buyers to check off the Christmas list without breaking the bank.”

“However, we’re noticing brands offering discount codes and reducing their prices as early as now so it’s best to get on top of these special deals at the earliest possibility.”

Here are 10 useful ways for shoppers to make the most of Cyber Monday from NetVoucherCodes.co.uk:

  1. Start early

Many retailers now start their sales up to a week or two before the big day. Keep an eye for bargains in the lead up to Black Friday and Cyber Monday in order to not miss out on a great bargain.

  1. Have a plan

Calculating what you want to buy, the price you want to buy it at, and where you want to get it from is essential if you want to avoid any stressful situations on the day. Try to set a budget to help control overspending, especially in the run-up to Christmas.

  1. Hold off the impulse buys

Impulse buying on Black Friday can be a dangerous game, so creating a list of products to purchase prior to the sales can help to avoid any impulse purchases.

  1. Use discount codes

Many retailers allow shoppers to use multiple discount codes at the checkout, so there is no harm in checking voucher websites for an extra few quid off an item. Even if there aren’t any codes to use, voucher sites may reveal exclusive deals only available through them.

  1. Research the price

More than often, retailers can sometimes change the original price of products before big sales to make them appear to be a better deal. So make sure to evaluate the prices in the lead up to Black Friday to make sure you get more for your buck.

  1. Make accounts in advance

Online retailers typically ask shoppers to create accounts in order to purchase products. Creating these accounts early can save precious time at the checkouts, before items quickly become out of stock.

  1. Check the returns policy

It’s vital to check the returns policy for any items bought both in-store and online. Most stores will offer you a full refund or exchange however, they’re not obliged to so it’s always best to check with the retailer before you buy.

  1. Remember Cyber Monday

If you’re busy on Black Friday, don’t panic. Due to the rising popularity of the seasonal discount event as well as the marketing opportunities for companies, deals usually span the weekend and into Cyber Monday too.

  1. Don’t use a debit card

When you’re buying items during the sales, try to use a credit card or a trusted payment system. This provides extra protection when shopping on the web especially on sites that may not be protected while making it easier to manage monthly payments if you don’t have the full amount in the bank.

  1. Monitor social media

A quick scroll of the Instagram, Twitter or Facebook feed can reveal some offers and discounts exclusive to social media users. Brands will also provide the most accurate and up-to-date information regarding stock, opening times and even how busy their retail stores are.

For more money-saving tips head over to NetVoucherCodes.co.uk.

Action Fraud alert: Shop safely ahead of Cyber Monday

Scam online shopping bargains which were ‘too good to be true’ cost shoppers £15.4 million over the Christmas period last year

New data from Action Fraud, the national reporting centre for fraud and cyber crime, reveals that 28,049 shoppers were conned out of their money when shopping online over the Christmas period last year – an increase of almost two thirds (61 per cent) when compared to the same period in the previous year.

Ahead of Cyber Monday, Action Fraud is warning the public to take extra care when shopping online as reports of online shopping fraud have continued to surge as shoppers continue to buy from web based retailers in light of the pandemic.

Pauline Smith, Director of Action Fraud, said: “Christmas is an incredibly busy time for us all but sadly, criminals will see this is as an ideal opportunity to take advantage of shoppers who are caught up in the excitement of securing a bargain online.

“If you think you have found a bargain that is too good to be true, it probably is. Stop and think before making a purchase as it could protect you and your money.

“Always shop with official retailers and follow our simple advice to enjoy shopping online safely and ensure you are not left empty handed this Christmas.”

During the Black Friday and Cyber Monday sale events last year (23 November – 6 December 2020), almost £2.5 million was lost to criminals – an average loss of almost £550 per victim.

Shoppers reported buying mobile phones (26 per cent), electronics (17 per cent), vehicles (10 per cent) and clothing and footwear (8 per cent) on sites such as Facebook (18 per cent), eBay (14 per cent) and Gumtree (7 per cent), only to have the items never arrive.

Over half (54 per cent) of reports that mentioned electronics referenced popular game consoles such as Xbox and PlayStation 5.

The highest percentage of reports (27 per cent) came from 20 to 29 year olds and over two thirds (68 per cent) of victims were aged 20 to 49 years old.

One common tactic used to defraud victims is the use of fake websites that are purporting to be reputable companies. These websites are created to look identical to the real website they are imitating and will advertise items but at a much cheaper price than retail price to entice victims. In reality, these websites are fake and the victim will never receive the item they have paid for.

How to protect yourself

Choosing where you shop: If you are making a purchase from a website or person you don’t know and trust, carry out some research first. Look online for reviews of the website or person you are buying from. If you are purchasing an item from an online marketplace, you can view the seller’s feedback history before going ahead with the purchase.

Payment method: Use a payment method that offers buyer protection, such as a credit card if you have one, as most major credit card providers will help you get your money back if the item is faulty or damaged, or if it never arrives.

Staying secure online: Use a strong, separate password for your email account. Criminals can use your email to access other online accounts, such as those you use for online shopping. You should also enable two-factor authentication (2FA), where possible, which gives your online account additional protection by double checking that you really are the person you claim to be, when logging in. For further information about how to stay secure online, visit www.cyberaware.gov.uk.

Watch out for phishing emails or texts: Some of the emails or texts you receive about amazing offers may contain links to fake websites. If you are unsure, don’t use the link and visit the website directly instead.

If you receive an email you’re not quite sure about, you can report it by forwarding the email to the Suspicious Email Reporting Service at report@phishing.gov.uk.

You can report suspicious texts you have received by forwarding the original message to 7726, which spells SPAM on your keypad.

You can report suspicious websites via the National Cyber Security Centre’s scam website reporting service.

Action Fraud also advises that the public follow the advice of the Take Five to Stop Fraud campaign to keep themselves safe from fraud.

  • Stop: Taking a moment to stop and think before parting with your money or information could keep you safe.
  • Challenge: Could it be fake? It’s okay to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
  • Protect: If you think you’ve been a victim of fraud, contact your bank immediately and report it to Action Fraud online at actionfraud.police.uk or by calling 0300 123 2040. If you’re in Scotland, you can report it to Police Scotland on 101.

For more advice, please click here here.

HMRC: Be aware of post-Brexit changes before key Christmas shopping dates

As Black Friday and Cyber Monday approach, HM Revenue and Customs (HMRC) is urging online shoppers in Scotland to avoid being hit with unexpected customs charges.

Changes introduced on 1 January 2021 means that consumers who previously had to pay charges when buying certain items from non-EU sellers may now also need to do the same when buying goods from the EU.

Katherine Green and Sophie Dean, Directors General, Borders and Trade, HMRC, said: “With Christmas rapidly approaching, we don’t want shoppers to be caught out by unexpected charges which will take the fun out of their shopping experience.

“There are now a number of factors that people will need to consider when purchasing goods from the EU, so shoppers are being advised to check guidance to ensure they know what they will owe.”

HMRC recommends people look at the seven top tips below to determine whether there will be charges on their goods.

If there are charges to pay, shoppers may also need to pay a “handling fee” to the courier company before their goods are released.

  1.   Be aware of where you, the recipient, are based.
  • Shoppers based in Northern Ireland won’t be affected by these changes due to the Northern Ireland Protocol, however those in Great Britain should be prepared for potential changes.

2.    Check whether your order contains excise goods, such as tobacco, alcohol or perfume.

  • Unlike other items, there is no lower threshold for customs charges when it comes to excise goods, so there will be charges due no matter the value or origin of your goods.
  • Shoppers buying excise goods will need to pay import VAT and excise duty. They may also need to pay customs duty (see tip 7 for more info).
  1. Check whether your order is worth more than £135, before extra costs, such as shipping and insurance are applied.
  • Shoppers buying stocking fillers or small value items, not including excise goods, don’t need to worry as goods sent in consignments worth less than £135 should not attract additional charges, as UK VAT is collected by the seller on behalf of HMRC at the point of sale. This also applies to goods being purchased from non-EU countries.
  • Anyone buying a more expensive product from abroad – over £135 – will now need to pay import VAT and may need to pay customs duty. The amount due will depend on a range of factors, including shipping and insurance costs so, to avoid surprises, consumers should consult their seller. 
  • Shoppers who already know they will need to pay import VAT should make sure their seller does not charge them VAT, otherwise they may be charged twice (see tip 5 for more info).
  1. Be mindful of new charges when sending or receiving gifts from an individual based overseas.
  • If you’re lucky enough to receive a gift from someone based in the EU and it is valued at less than £39 and it does not contain excise goods, it will be exempt from import VAT and customs duty. Above the £39 threshold, import VAT will be due and once the value of the gift reaches £135, customs duty will also be payable. You could also get charged a “handling fee” (see tip 5 for more info).
  • If you are planning on sending a gift to someone based overseas, you should check guidance published by the relevant customs authority to check their specific rules and charges.

5.    Be aware of how and when you could be notified of charges.

  • Anyone needing to pay customs charges will be contacted by the courier company and asked to pay the charges before they can receive their goods. Alternatively, the seller may arrange to pay any charges upfront on your behalf, but you should check with the seller to avoid any unwelcome surprises.

6.    Check the guidance available to you.

  • To help shoppers navigate these changes, HMRC has produced diagrams outlining three fictional scenarios about buying goods from the EU and has published a simple guide on GOV.UK, which also contains essential information on how to dispute a charge, return unwanted goods and to get a refund on the charges paid.

7.    Check with the seller whether the goods originated in the EU and whether they qualify for a “zero tariff”.

  • Customs duty won’t be due on goods if they meet criteria set out in the EU-UK Trade and Cooperation Agreement and a “zero tariff” can be correctly applied.
  • The “Rules of Origin” requirements mean that even if your parcel is valued above £135, if the goods you are buying originate in – or have been sufficiently worked or processed within – the EU, the seller confirms this and the zero tariff is claimed on the customs declaration, you will not need to pay any customs duties although import VAT will still be due.
  • If customs duty is due, the rate – or the Tariff – for each item can be found within the trade tariff tool but it’s recommended you check with your seller to find out exactly what you will owe.

For more information on the changes as well as finding crucial information about how to return goods and get a refund on charges go to GOV.UK

Five ways to keep your personal data safe from hackers this Cyber Monday

New research reveals that nearly half (49%) of UK adults have not installed or didn’t know whether their mobile phone has security software. So keeping personal data safe from hackers has never been more important. 

In the wrong hands, stolen data can be used by hackers for illegal activity such as applying for loans or credit cards under a victim’s name, or bank accounts being accessed and money withdrawn.  

To help keep data safe, leading insurance provider, Insurance2go, shares five ways mobile phone users can help to protect personal data stored on their device.

  1. Be cautious of public Wi-Fi 

Using public Wi-Fi is great for those who have a low data allowance, or are running out of mobile data. However, public networks often don’t provide a secure connection, making it easy for hackers to use them to access personal data.  

Hackers targeting public Wi-Fi hotspots are able to use what is known as a ‘man-in-the-middle’ attack, which is when a hacker intercepts financial information, passwords and log-in information through a public network.  

Always avoid using mobile banking apps or making online purchases whilst logged onto a public Wi-Fi network. For those who do need to use public Wi-Fi, use a Virtual Private Network (VPN) app. A VPN can protect data from getting into the wrong hands by encrypting online data and keeping personal information secure when using a public Wi-Fi connection.  

  1. Turn off ‘sharing’ settings when not in use 

Smartphone features that share a location should be used with caution and always turned off when not in use. Features such as Bluetooth, Wi-Fi, location services, mobile data and Near Field Communication (NFC) are susceptible to hacking, especially Bluetooth location services as they transmit a device’s location and presence. 

Hackers can easily get hold of personal information and data through features that mark a phone as ‘visible’, so always make sure to disable such features when they are not needed. 

  1. Only download legitimate apps 

Downloading illegitimate apps is another way to open your personal data up to hackers. Often, apps hosted on some websites or third-party app stores can contain malware and can access data once downloaded. It’s recommended that users only download apps from the official app stores, so App Store for iOS users, Google Play for Android users or the AppGallery for Huawei owners. 

  1. Be wary of app permissions 

When an app is first downloaded, it often asks for ‘permission’ to access certain features or information held on a mobile phone. From the camera roll, to your speaker, location or phone contact list, apps can ask for a range of permissions in order for certain functions to work.  

Be cautious of what information an app is requesting access to and question whether the app actually needs that information. For example, a photo editing app doesn’t need contact list information in order to function correctly, so take the time to properly think about whether or not that information is needed. 

Viral video app, TikTok, recently came under fire for security issues in the US, with reports claiming that the Pentagon warned U.S. military personnel in January to delete TikTok from their phones and India, last month, banned Tik-Tok amongst other apps, over security and privacy concerns so it’s always important to review what permissions are being asked for by an app. 

  1. Avoid using auto-login 

Whilst it’s recommended to have a variety of passwords for online accounts rather than the same password, auto-login gives hackers easy access to personal data by simply opening up an app or webpage. For those likely to forget multiple passwords, note them down in a secure, password protected note on a phone, or in a notebook that is kept secure and stored away. 

And it’s not just using your mobile phone that can open your personal data up to hackers. What happens if your mobile phone is lost or stolen? Insurance2go  shares some useful tips for people who might find themselves in this scenario and want to keep their personal data safe: 

  1. Firstly, report the phone as missing to the network provider, who can suspend or disconnect the service to the phone. This can help stop any authorised use of the phone if it falls into the wrong hands. 
  1. If the mobile phone is known to be stolen, inform the police who will be able to provide a crime number, which can be used if the user needs to inform an insurance provider.    
  1. Most smartphones now have a built in ‘kill switch’, which can allow a user to remotely deactivate a device if it’s lost or stolen. In order to work, the feature needs to be enabled. For iPhone users, the ‘Activation Lock’ can be enabled within the‘Find My’ app to help keep data safe. Firstly, go to the‘Find My’app > Tap thedevices tab and choose which device is lost or stolen, then tap Activate under ‘Mark as Lost’and follow the prompts on screen. Android users can enable the kill switch with ‘Find My Device’. Go to Settings >Google>Security, then turn on ‘Remotely locate this device’and ‘Allow remote lock and erase’
  1. Finally, immediately change passwords for any accounts or apps that can be accessed on the mobile phone. Prioritise any important accounts first, such as online banking and other associated accounts. 

Richard Gray, Head of Marketing and Digital, at Insurance2go said: “Our mobile phones are home to lots of stored data and without correctly protecting your personal information, it could easily land in the wrong hands. 

“‘SIM-jacking’ is a common method where hackers are able to use stolen data to obtain a Porting Authorisation Code (PAC). This can then be used to switch the victim’s phone number to another phone on another network, helping them gain access to a range of personal data and information, often including banking details. 

“Protecting data stored on a mobile phone is extremely important. Hackers are often creating new ways to get a hold of our data, so we hope that by sharing our tips, we can help people avoid getting caught out by fraudsters.” 

To find out more about VPNs and how to protect data whilst on a public Wi-Fi, please visit: https://www.Insurance2go .co.uk/about/news-blog/blog/everything-you-ve-ever-wanted-to-know-about-vpns