Cybercrime doesn't take a holiday. While many of us look forward to some time off, the combination of relaxation and increased spending during the festive season heightens cybercrime activities and the 2021 year-end season will likely be a bonanza for online criminals because we are spending much more online than before.
In the closing months of 2020, globally, consumers spent $1.1 trillion in online shopping. 2021 looks set to increase to $1.2 trillion, yet the real news is that in 2019 we only spent $726 billion. That is an enormous jump, and with it came much more interest from criminals. Additional factors heighten the risk of online crime. The increase in transactions during holidays can make it tougher to spot fraudulent activities.
We travel more, which means we transact from places we usually wouldn't and support channels such as call centres manage much larger volumes. Meanwhile, our vigilance becomes relaxed.
These season changes provide online criminals with significantly more opportunities and cover to do their dirty deeds. As is often the case, they exploit our negligence to their benefit. But there are several actions you can take to make yourself more digitally secure and stop online fraud or theft from spoiling your time off.
- Notify your bank of travel. If you plan to go away and transact in places you don't usually frequent, consider informing your bank's card division that you'll be travelling. This will help avoid false-positive reports, and your bank can triangulate any suspicious activities more accurately.
- Keep an eye on your bank statements. You should relax. But don't relax too much - periodically check your bank transactions for any suspicious activities.
- Don't use public wifi for sensitive transactions. It may be very convenient to log onto public wifi such as at a coffee shop or even a hotel. But many establishments neglect how well they reinforce their wifi security, and it can be easy for criminals to intercept wifi data. That, or they create a fake hotspot. If you want to log into your online banking or something similarly sensitive, use an encrypted wifi network with a password. Consider also using a VPN. You can also limit sensitive transactions to your mobile provider's network.
- Enable device location services. Offline criminals are keen to steal your phone or other devices. Many modern devices have a 'find me' service - check if yours provides one and activate it. And be careful about your belongings in public.
- Get a separate spending card. The bad news is that you cannot 100% secure your card. Criminals can compromise an e-commerce site, as they did with British Airways. Criminals inserted a 'sniffer' which captured people's card details as they bought tickets online. Consider getting a separate card with an account not directly linked to your other accounts. That way, if anything happens, they only get what's in that card's account. You can also check with your credit card provider about insurance and how they cover fraud. But avoid using your primary cards for holiday transactions.
- Be suspicious of apps. Criminals can use apps on your phone to spy on you and steal your details. Be very critical of the apps you download, even if they look like fun, holiday-themed time-wasters. Only download apps from official app stores, and even then, read the user rating carefully.
- Watch out for holiday scams. Online criminals use a variety of scams to steal your details and money. These tactics include fake charity drives, coupons and vouchers, prizes and unbelievable specials. They often piggyback on the names of known brands - if you see a special offer or voucher associated with a particular brand, contact them or check their official social media feeds for confirmation. And if the web address given looks suspicious - for example, brandname.somethingelse.com instead of brandname.com - avoid that site. Additionally, if the secure connection lock in the browser bar looks odd or if the site uses the HTTP protocol instead of HTTPS (this appears ahead of the web address in the browser), avoid it as well. Scams will often appear via Whatsapp or social media sites - they fool people you know into sending those messages.
- 'Tis the season for phishing. Phishing is the act of an email or text message that looks like it's from someone you know or trust. For example, it might be a message warning that your bank account will be frozen unless you confirm your login details, and it provides a link to click. This is an attempt to steal your details. A bank will NEVER ask to confirm your login details. If you get a message that tries to scare you into doing something, directly contact the company it claims to be. Do not click on links in these messages. The same goes for any messages asking for money or claiming you have won something.
- Activate two-factor authentication. Many of us already use two-factor authentication in the form of one-time pins or response menus that appear on our phones. It's a very effective way to thwart online criminals. You should enable two-factor authentication (also called multi-factor authentication) on sensitive services such as online banking.
- Watch your social media posts. This issue occurs more with 'offline' criminals, but it's good to be aware. If you go away for a holiday and post about it on social media, it could alert criminals that your home is uninhabited. Make sure your posts are private, and try to avoid posting too much information about your activities.