During the Christmas shopping season, not only do countless discounted online shopping deals become available, but the number of online criminals also rises significantly. Cybercriminals exploit this period every year; the number of online scams and frauds increases by 400% during this time.
What should we look out for, and how can we protect ourselves against increasingly sophisticated scammers? Here are six cybersecurity tips from Régens to keep you safe during the holidays.

1. Stick to Trusted Websites

There’s no better method than sticking to the tried and true. Websites you are already familiar with carry less risk. Whenever possible, choose an online store you have previously used and trust. By maintaining a personal list of reliable e-shops, you can conveniently and safely procure your holiday gifts while avoiding the seasonal chaos in physical stores.

2. Check Unknown Webshops Carefully

If you decide to order from a new website, always verify its legitimacy. Cybercriminals can create deceptive sites that mimic the design and branding of legitimate stores. Suspicious characters or typos in the URL, or the absence of HTTPS, can be warning signs. Check when the domain was registered and how long the site has been active. If the webshop is relatively new, proceed with caution. Look for customer service contact information, terms and conditions, and any purchase guidelines on the website. The absence of these elements should raise suspicion.

3. Be Cautious on Social Media

According to the Brand Protection Trend Report, misuse on social media increased by 22% annually in 2023. Scammers often exploit live selling and marketplace features, posing as buyers or sellers to extract sensitive data from unsuspecting users. Watch out for poorly written messages, overly formal language, or unusual delivery attempts.

Social media accounts and pages can also be used to impersonate reputable brands, misleading trusting customers into visiting fake websites and paying for invalid transactions.
Any account, including those of businesses, can be hacked and used as a front for scammers. If something seems off or unusual, it’s a good idea to directly contact the person or company via a different communication channel.

4. Responsible Card Use = Secure Payments

Before making a transaction, ensure it’s on a secure page (via payment service providers) or directly on the webshop’s platform. For the latter, consider alternative payment methods, such as bank transfers. When paying in advance, use a dedicated virtual or web card and only allocate the exact amount required for the purchase. Always set purchase limits on your cards to minimize potential losses in case of fraud.

A new and popular method of card fraud involves the buyer’s unsuspecting consent. Scammers offer products at extremely low prices but require the buyer to agree to a seemingly unrelated recurring service subscription to access the deal. As a result, scammers repeatedly withdraw money from the account, as the cardholder unwittingly consented to the service subscription.

5. “Your Package Has Arrived.” Or Has It?

A common scam involves cybercriminals posing as courier services and sending notifications to your phone or email containing phishing links. These links redirect to websites where unsuspecting customers are prompted to provide bank card or online banking login details. Remember, no legitimate package delivery requires your banking login information. Be wary if the courier notification contains poorly written text, the sender’s email address doesn’t match the courier’s official domain, or the included link doesn’t lead to the official service provider’s site.

Another increasingly common method is sending an expensive cash-on-delivery package that you never ordered. Before accepting any package, verify the sender and recipient details. If the package is addressed to you and you’re sure you’re not expecting it, refuse the delivery before making any payment. Apply the same caution for packages addressed to family members or coworkers. Sometimes for corporate recipients, accepting a package might not only cost the cash-on-delivery fee but could also inadvertently agree to an unwanted subscription.

6. Protect Against E-Skimming

Online store operators must prepare for the most dangerous current fraud methods. If their customers fall victim to scams or theft, it undermines the credibility of their entire business. One of the most prevalent methods this year is e-skimming. This involves malicious codes being embedded into e-commerce sites’ payment systems to steal credit card details. Only webshop operators can counter this threat by implementing regular security updates, regularly reviewing their online store’s source code, ensuring proper configuration of content delivery networks, and standardizing software solutions to avoid vulnerabilities caused by inconsistencies.

Want to ensure your online systems are secure? Request our vulnerability assessment service!

Sources: SZTFH, RetailMinded, CyberShield, Forbes Advisor, NMHH