Icon: enlarge
Promotion for the bargain day (archive image)
Photo: Jennifer Weese / dpa
Even if Black Friday officially still exists as a bargain day: Actually, we have been dealing with a Black Friday week for years, which is directly followed by the Cyber Monday week.
The trade makes a large part of its annual turnover these days.
In the year of the corona pandemic, more of it than ever will be taken in via online shops.
According to an analysis by the price comparison portal Check24, it can really be worthwhile to strike on these days.
Last year, prices fell by an average of 1.9 percent from October to the end of November, only to rise sharply again by the end of the year.
The fear of missing out on the real bargains during this time makes some consumers careless.
This is exactly what criminals try to take advantage of, for example by luring them with particularly cheap offers and time-limited specials or simply pretending to want to check the data of their victims so that they can then shop at particularly low prices.
So that you do not become a victim of cyber criminals, we have summarized the most important tips that security experts give consumers for online shopping in the run-up to Christmas.
Don't be rushed
: Even if a countdown is counted down in the email with the tempting offer or on the provider's website: Take the time to check the offer.
Is that really a bargain?
Does the address line of the browser really contain the exact internet address of the alleged provider?
Is the email really from the company on whose behalf it is advertising?
HTTP
: Do not rely solely on the lock symbol in the address line of your browser, which indicates a connection encrypted via HTTPS.
"HTTPS could mean that a website is secure, but it could still be malicious," warns Florian Schorer, Cyber Security Specialist at Mimecast.
In other words: your connection to the website may not be eavesdropped on by others thanks to HTTPS, but a fraudster can still be at the other end.
The right means of payment
: Preferably use credit cards or payment apps to pay on the Internet, avoid direct transfers from your current account or using your EC card.
This is another recommendation from the IT security company Mimecast.
Because once the money is down from your checking account, it would usually be very difficult to get it back.
Fraudulent transactions with a credit card, on the other hand, are usually secured by the banks.
Payment technologies such as Apple Pay and Google Pay also protect payment transactions by only transmitting a so-called token to the respective provider, which only the credit card provider can translate into the corresponding credit card number.
If criminals steal such a token, you can hardly cause any damage with it.
If you would like to know more about the advantages and disadvantages of the various payment methods: The Federal Office for Information Security (BSI) has just published a very detailed brochure on the subject (PDF).
Use two-factor authentication:
Paying by credit card or PayPal can be secured with an additional security factor.
This can be, for example, a code sent by SMS to a previously registered cell phone, authorization of payment via a banking app or a similar procedure.
From 2021, such double security procedures will be mandatory, and if you haven't set up something like this for your credit card, now is the right time.
Watch out for revenge errors:
The IT security company Malwarebytes recommends being suspicious of unknown senders, especially if they ask for login details or offer you unknown links to click on.
Above all, however, the company advises checking e-mails with particular suspicion if they contain a noticeably high number of spelling errors, because most companies would use proof-read templates for communication with their customers, "so that errors are rare."
Don't like too much
: Malwarebytes also advises
you to
carefully check posts on social networks that promise freebies or profits.
Do you know the account that posted this?
Has the account been verified at all and does it really belong to the company it claims to represent?
Be careful about what you like and forward, otherwise you run the risk of unintentionally contributing to the spread of fraudulent offers yourself.
Bonus tip: do not lightly click on shortened links in such advertising postings.
Since such links cannot always tell where they are leading, they can lead you to dangerous websites.
In addition, especially in the run-up to Christmas, it is important to observe the basic IT rules that should actually be heeded all year round: Keep the operating systems of your smartphone and computer up to date, and regularly update your apps.
In this way you can be sure that at least all known security holes have been closed.
And should something go wrong and you find any unauthorized transfers of money on your account, contact the emergency number of your bank or credit card company or a direct contact there immediately.
The security service provider Sophos recommends writing down the relevant numbers on a piece of paper: "That way, you don't get embarrassed about having to rely on contact details that come from a fake e-mail."
Icon: The mirror
