10 ways to avoid Black Friday and Cyber Monday scams in 2019

The holiday shopping season is almost here, and many of us are gearing up for the big sales that go with it. In particular, Black Friday and Cyber Monday are sure to be two of the busiest shopping days of 2019.

But bargain hunters aren’t the only ones looking forward to these retail extravaganzas: Hackers are already preparing to take advantage of unwary shoppers amidst all the craziness.

And unfortunately, far too many consumers will fall victim to scams, phishing attacks, and identity theft this year. This is not the way you want to kick off the holidays, so here are 10 steps you can take to stay safe while searching for the best deals.

And remember: Even if you already know some of these, your friends and family might not — so please share these tips with them!

1. 1

   Update Everything

   We say it often, but it bears repeating: Update your OSes. This is always a good practice, of course, but it’s especially important around this time of year. Why? First of all, you’ll probably be online more frequently than usual, meaning that your exposure to potential threats is going to increase. But secondly, malicious actors know that people perform more sensitive transactions during this season, so they will be looking to exploit every vulnerability they can. The good news is that security teams at Microsoft, Apple, and Android are usually quick to release patches when OS vulnerabilities are found — so start your holiday shopping right by making sure you have the latest updates!

2. 2

   Scan for keyloggers

   A keystroke logger, or keylogger, is a type of malicious software which covertly records every key you press on your computer. These threats are especially dangerous around the holidays, when you’ll be entering lots of sensitive data such as credit card information and account details. Keyloggers are hard to detect on your own, so make sure you use reliable, regularly updated security software to scan your system for these threats before you begin shopping — and remember to schedule periodic scans throughout the rest of the season (and the year).

3. 3

   Get a password manager

   Another thing we say a lot — and another thing that’s extra important around this time of year — is to get a password manager. Holiday shopping often means signing up for new retail accounts and services, which of course means creating new passwords. But many people, especially when they’re overwhelmed and short on time, are tempted to create simplistic passwords or to reuse passwords from other accounts. Unfortunately, these time-saving measures are extremely dangerous, and open you up to hacking and identity theft. Password managers let you create complex, unique passwords for every new account and do the hard work of remembering them for you — which is why security experts have called these invaluable tools “the single best thing you can do” for personal cybersecurity.

4. 4

   Use one credit card

   If possible, use a single card to do all your online shopping, as this minimizes the number of accounts you need to keep watch over and makes it easier to spot suspicious activity. It’s definitely best to use a credit card instead of a debit card, as credit cards make chargebacks and fraud claims much easier. Hopefully you won’t need to worry about it, but if the worst does happen, banks will often give you a much harder time when you’re attempting to recover money lost to fraudulent activity on debit cards.

5. 5

   Think before you click

   You’ll likely get tons of emails from retailers in the days leading up to Black Friday and Cyber Monday. Most of the deals and coupons you receive will be legitimate, but hackers are known to send out phishing emails around this time of year in the hopes that you’ll click on their malicious links amidst all the chaos. So be vigilant when you receive these emails, keeping an eye out for the telltale signs of a phishing attack. If you do receive a great offer that you want to check out, the safest thing to do is to navigate to the company’s website directly in your browser and look for the deal there, rather than clicking on a link that comes via email.

6. 6

   Watch for tracking scams

   During the run-up to the holidays, people are understandably concerned about the delivery of their orders — after all, we all want our loved ones’ gifts to arrive on time! Hackers know this, and take full advantage of that pre-holiday anxiety by sending out phishing emails which appear to be from shipping companies like FedEx or UPS, or from big-box stores claiming that there is an issue with your order. These emails will often ask you to click on tracking links or ask you to enter your store account details to check the status of your order. Be aware of this special holiday flavor of phishing email, and act accordingly: Go the delivery company or merchant’s website directly and check on your shipment or order there.

7. 7

   Buy name-brand gadgets

   Our obsession with name-brand products definitely has its downsides, but when it comes to computers, sometimes it pays to insist on the genuine article. Third-party vendors sell items that look like a major brand’s products, and often far lower prices than the brand in question. But when it comes to, for example, Mac peripherals, it’s difficult to guarantee the safety of these white-label alternatives. At least where computers are concerned, it’s probably best to do your shopping at the Apple Store or its equivalent for other brands.

8. 8

   Avoid “smart” closeouts

   The clearance bin is great for clothes and toys…but not so great for smart devices. The Internet of Things (IoT) is already notoriously insecure, with a reputation for devices which are extremely vulnerable to attack. And an IoT device which has been discontinued — or which was produced by a manufacturer who is going out of business — is a device which probably won’t be receiving many more updates and security patches! This could, of course, result in an awkwardly non-functional gift a few months down the road. But more importantly, it could also mean a gift which can be hacked by malicious actors. So when it comes to smart things, stick to products which are likely to be around (and regularly updated) for the foreseeable future.

9. 9

   Protect your packages

   While not an aspect of holiday cybersecurity per se, package theft is a growing scourge which affects online shoppers, and deserves a mention here. Services like Amazon’s Ring doorbell camera system attempt to curb package theft through technological means, but unlucky victims often just end up with a nice video of someone stealing their package! The best way to fight back against porch pirates is fairly low tech: Make sure your packages are delivered to a safe location. Many online vendors allow you to schedule deliveries for a time when you’ll be home, or to require a signature on all deliveries. Another possibility is to have your packages delivered to a safer location: your workplace, if they allow it, or even a friend or relative who is usually at home. In addition, big-box retailers often provide the option of picking up online orders in store at a nearby location.

10. 10

    Schedule a checkup

    If you do all of the above, you’ll most likely be safe from fraud, scams, and identity theft this year. But it’s always possible that you’ll miss something, so after the shopping frenzy is finished, take a few minutes to double-check your accounts for unusual activity. You may also want to perform a credit check to make sure no one has been opening accounts in your name with stolen data. It can be hard to remember to make time for this during all of the holiday activity, so set a calendar reminder to make sure it doesn’t slip your mind.

The holidays should be a time to celebrate, and to enjoy being close to friends and family. Follow these tips so that you can enjoy the holiday season in peace, and so that you can spend your time and energy on the people and things that matter most to you.