Shopping safely over Black Friday and Cyber Monday

Black Friday and Cyber Monday are almost upon us, kickstarting what retailers hope will be a successful trading period. However, the flurry of purchases and the data that represents means cyber criminals will also be looking to cash in.

Although the UK was slow to adopt Black Friday (which falls on 23 November this year) and Cyber Monday (26 November), the country is now fully on board with the fantastic savings and unbeatable offers it promises. According to McKinsey, 92% of UK shoppers are aware of Black Friday. In 2017, 91% of brick-and-mortar stores got involved with Black Friday, which looks set to continue this year. However, retailers offering both a physical and digital presence stand to gain the most, as the omnichannel approach is favoured by 69% of UK-based survey respondents.

The past five Black Friday periods have resulted in the highest spend levels the UK has seen, with generous price reductions motivating 65% of consumers to shop. And as you’d expect, the best deals are found online.

What are the risks?

As well as genuine traders, Black Friday and Cyber Monday also bring out the fraudsters, who will be targeting shoppers through a barrage of emails, banner advertising and social media posts.

Customers must ensure sites are legitimate before making a purchase, and they need to keep an eye out for anything suspicious. For example, a request for card or login details at any point other than at checkout is most likely a scam.

There is also an increased risk of phishing over the Black Friday period. If you’re on a PC – which 53% of UK consumers will be this season – ensure your machine’s anti-malware software is up to date, but also look out for tell-tale signs such as mismatched URLs and misleading domain names in emails. The differences can be subtle, but they are there.

What can I do to stay safe?

According to Action Fraud, online shoppers suffered £58 million of fraud in almost 43,000 incidents last year, so it’s worth taking a few basic steps to reduce the risks of being targeted by cyber criminals.

  1. Remain vigilant and think about what you’re seeing. If an offer seems ‘unbelievable’, it probably is. If you receive emails from an unknown source with enticing subject lines, think before you open them. And never disclose your personal information.
  2. Use credit cards. Credit card companies often offer better fraud protection than debit card providers, and many don’t hold the cardholder liable for fraudulent purchases. Alternatively, consider using PayPal, which offers a dispute resolution service. If you’re buying in store, making cash purchases means your data won’t be processed on the shop’s POS (point-of-sale) system.
  3. Use secure websites. When buying online, only visit and transact on secure sites. These are easily identified by the padlock symbol next to the URL, and/or the https at the start of the URL (rather than just http). These two signs are indications that the site is safe to use.
  4. Monitor your financial statements. Even if you have taken the above steps, take the time to monitor your bank accounts. If there has been any fraudulent activity, you’ll want to flag it with your payment provider so that cards can be frozen and an investigation started.

Need more information?

There are many ways to stay safe when shopping online. Consumer site Which has several guides that go into more detail.

All retailers that accept card payments are legally required to comply with the PCI DSS (Payment Card Industry Data Security Standard), which sets out a framework of best practices to keep card details secure.

In addition, the EU GDPR (General Data Protection Regulation) serves to protect individuals’ personal data. All organisations that capture, store and use personal data – which online retailers most certainly do – must treat that data appropriately. When purchasing, it is prudent to read the company’s privacy policy and terms and conditions so that you understand what data will be stored and how it will be used. Any organisation that uses data in a way not specified within its policies can be reported to the ICO (Information Commissioner’s Office) and investigated.

There are sure to be some great deals on Black Friday, and it’s human nature to want to grab a bargain, but tread carefully to avoid becoming a victim of cybercrime.