Avoid the online Christmas crooks this festive season

(Image credit: Image credit: Bruce Mars / Pexels)

According to new research, nearly a quarter of all UK shopping now happens on mobile devices. And with Christmas being the busiest time of the year for online and mobile shopping, this new statistic will be greatly received by hackers and scammers everywhere.

Over the holiday season, shoppers, and the businesses that serve them, need to be aware of the potential traps cybercriminals will use in order to stay safe and avoid falling victim to the Christmas crooks. Here are my top tips:  

(Image credit: Image Credit: Geralt / Pixabay)

1. Wi-Fi warnings

While free data sounds good to anyone, it sounds even better to hackers looking to piggy back on the access users readily volunteer to an unsecure public Wi-Fi network. Warnings offered by your phone or other device are easy to ignore when you’re trying to check your finances, buy last minute presents or check what time your train is leaving. In instances such as these, wherever possible, you would be safer online by using 4G data or a Virtual Private Network (VPN), offering peace of mind when out and about this Christmas.  

2. Secret Smishing

Ever-increasing SMS phishing (Smishing) attacks are something many people can fall victim to every day without even realising. The theory behind both is the same; lure in your catch with an enticing and believable message asking you to simply click a link and, once you do, the hacker will take you to a page where you may start giving away personal and sensitive information such as passwords or credit card numbers. 

The fear that some of these text messages cause can sometimes make you forget all your awareness training you may have received and make you panic into thinking your savings are under attack and should be moved ASAP. These convincing yet unexpected text messages are designed to unnerve you. If you are unsure, call customer services of the company contacting you on the phone – not within the message – to verify whether the message is legitimate. Reputable companies will never mind you calling to discuss any potentially fraudulent messages. 

(Image credit: Image Credit: Santeri Viinamäki / Wikimedia)

3. Check it twice: Trusted sites

When searching for the perfect gift online, all too often we end up on a website we have never been to before. If the price seems right, many of us may not think any further but there are some simple tricks we can apply to avoid falling into the Christmas crooks’ scams and help keep data secure. 

First, do your research on the website you’re visiting. Read into the company as much as possible in reviews and also look for the company’s contact details. Second, although on mobiles a site’s web address can be easily hidden when using your mobile browser, make sure you check the site’s URL is secure with https. This security is provided by an SSL certificate, which protects sensitive information entered into that site as it travels from the site to a server. 

4. Password pitfalls

From social media to utility bills to online banking, it’s understandable that you may want to use one memorable password across all your accounts. Yet while a simple password makes life easier for you, it can also make life easier for anyone looking to gain access to your accounts. 

Many new websites that require you to set up an account recognise the problem of easily cracked passwords. That is why you will now find yourself being asked to use a password that has a minimum number of characters, contains numbers or symbols, and at least one capital letter. Quite rightly, the days of ‘yourcatsname.1’, all lower case and one word, are over. So, if you’re still using a password that’s considered ‘weak’ by today’s standards, it’s time for an upgrade.

But fear not – you don’t need to remember your new, more complex passwords off the top of your head, because password managers remember them for you. All you will need is one, strong ‘master password’, with the added security of using two factor authentication, to verify it’s definitely you and then all your accounts are safe.

Jake Moore, Cyber Security Specialist at ESET UK 

  • We've also highlighted the best antivirus to help keep you safe online
Jake Moore

Jake Moore is a cyber security specialist at ESET UK. He is also a well respected industry expert who regularly comments on a range of cyber stories in publications such as The Guardian, The BBC, The Independent and Forbes. He is usually asked to give his opinion, advice and analysis on stories featuring a security or technology angle.