Christmas period is unarguably the busiest period as compared to all other festive seasons within the year. As such, online activities and electronic transactions tend to increase. People will be sending and receiving gifts mostly through electronic means (Mobile money transfers, foreign remittances, credit & debit cards transactions, internet payments, ATM transactions, etc.).
More people will also be working from home, sending and receiving emails, using the Internet and accessing online web portals.
The season also presents a good opportunity for cyber-criminals to exploit. While people prepare for the festivities, cyber-criminals also look for opportunities to scam shoppers with various tricks.
Cyber-attacks come in various forms and are designed to not only target technological weaknesses but also exploit people. It is therefore very vital that people take the following precautionary measures to stay cyber safe as they enjoy this Christmas.
Perform transactions on a secured site
Before performing any transaction or shopping online, be sure the website is secured.
To check whether a website is secured, look at the URL of the website. If it begins with “https” instead of “http” it means the site is secured using anSSL Certificate (thes stands for secure). SSL Certificates secure all of your data as it is passed from your browser to the website’s server.
You can also look for a padlock icon on the URL address bar at the top of your browser, usually to the left of the URL. Fake websites might not have a lock icon or they might create a fake one. Click on the lock icon to check for more information about the website.
Beware of phishing attack
Phishing is a method of sending messages usually in the form of email which are designed to appear as if it is from a legitimate institution or business such as your bank or familiar retailer. They aim to trick you into revealing your personal details. The emails usually contain fraudulent web pages or links which when clicked, download malicious software or take you through to a hoaxed website to collect your personal and confidential details.
For this season, be very wary of emails from sellers offering deals or cash prizes. Check the email address and don’t click on any links embedded in the message.
Scammers normally send emails that would ask you to click on a link to enter your details to arrange a delivery. They know definitely you might have ordered something online and would be expecting it. In such case, you may be requested to enter your credit card details to verify the delivery. Be suspicious if the email does not tell you the content of the ordered items and if you are in doubt, recheck your order trail and call the seller you are expecting a delivery from to confirm.
Be suspicious of WhatsApp messages offering gift cards
Cyber-criminal can also use the WhatsApp platform to carry out their operations. WhatsApp users will be receiving messages offering “surprised” gift cards that appear to be sent from your phone contacts. Following the link will take you through to another site that looks genuine and would be requesting your personal details.
Please do not click such links but rather delete the message even if it’s coming from someone you trust or know and immediately install security software (anti-virus) if your device does not have one.
Public Wi-Fi are not secured: avoid shopping using public networks
Free Wi-Fi, often offered by hotels, guest houses, shops and bars may be very useful but are extremely vulnerable. A cyber-criminal can set up their own fake hotspot or easily hack into a public network and access your user details. Never perform banking transactions on a public network. If you are banking or shopping online, use your own personal internet or hotspot from your phone or wait until you get home.
X’mas “giveaways” on Facebook
Cyber-criminals can also create enticing offers on their Facebook walls asking users to “like” and “share”. In an attempt to do so, you will be asked for personal details which can be used for fraudulent purposes. Please check if the Facebook account is verified with a blue tick, before performing any action.
Take immediate action if you think you have been scammed
If you have been scammed, call your bank immediately. They can intervene and stop any payment initiated. Even if payment goes through, your prompt action may help the bank to retrieve the funds from the cyber-criminal’s account.
Be mindful that banks are not responsible for reimbursing customers who have been deceived into making payments. Banks will only refund customers who have been defrauded or a transaction actioned without their authorization. When making the call, call your bank from your contact list, not from any mobile number provided to you in a possibly scam email.
You can also report incidents to the National Cyber Security Centre through SMS or call on 292, or WhatsApp on 050 160 311.Stay Vigilant! Stay Cyber- Safe this Christmas!! Afehyia pa!!!
Author: Seth Frimpong-Manso, (Chief Information Security Officer, Opportunity International & Member, Institute of ICT Professionals Ghana)
For comments, contact author firstname.lastname@example.org / 0247880121