The UK's online shoppers are "prime pickings" for hackers and targeted attacks this Black Friday weekend, British spy agency GCHQ has warned.
As promotional offers begin to fill up the inboxes of buyers across the country today, the defence agency's National Cyber Security Centre (NCSC) has issued advice on how to tell the difference between genuine deals and fake attacks.
"Cyber criminals have a field day at this time of year because they know your guard is a little lower as you rush to bag the bargains," said Kate Sinnott, NCSC's head of public engagement.
"Your inbox is probably full of promotional emails promising the most incredible deals. And when this is the norm, it becomes hard to differentiate real bargains from the dodgy ones."
The warning is the first in a series of cyber security measures undertaken by GCHQ to protect Brits online in the run up to Christmas.
These are the NCSC's eight security tips for online shopping:
- Make sure you've installed all the latest apps and software updates to ensure your online security is as beefed up as possible
- Use strong passwords to protect yourself, especially on your email account. If a cyber criminal makes their way into your email account, they can find out personal information such as your name, birthday and bank details, as well as all the log-ins for any other account you hold online.
- Turn on two-factor authentication as a way of making sure the person doing the shopping is you. For sites that have this function, it can involve sending a text message to your phone with a unique code to make sure your password is secure.
- Use a password manager It's important to make sure you never use the same password twice, but it's also hard to remember them all. Password managers can help you keep track, and they're often already built into your browser or device.
- Be careful clicking on links from emails and texts. Some of these links can be legitimate, but they could also take you on to a fake website. The best thing to do is to only shop on sites you trust, or try to find those items on your own by searching in a browser.
- Don't give away more information than you have to when shopping. Stores will usually require some of your personal details to make the transaction go through, but you should only ever give the mandatory information required. If it's not a place you shop regularly, don't make an account.
- If things don't feel right, shut down your browser and report any concerns to Action Fraud. If you entered your bank details, let your bank know what just happened so they can be prepared.
- Stay on your guard, even after you're done shopping. Online sales fraud can happen weeks after a purchase, so it's important to be on the lookout for any suspicious activity in your bank account.