Cyber Monday 2024 saw $13.3 billion in sales. That surge in online shopping creates opportunities for cybercriminals to steal personal data through phishing scams and fraud.
Cybersecurity threats during Cyber Monday
The risks are real. Nearly one-third of consumers experienced security breaches after shopping online.
According to the FBI, the Internet Crime Complaint Center receives a spike in complaints during the early months of each year, correlating with holiday shopping scams. Both the FBI and CISA documented increased ransomware attacks on holidays and weekends.
Adding to concerns: a Bitwarden evaluation of the top five US e-commerce sites found inconsistent password security practices. Shoppers should approach websites cautiously.
4 essential security practices
1. Use a password manager
Password managers are one of the most effective tools for creating a private and secure profile online. They help consumers generate and store unique passwords for each site, eliminating risky password reuse. Users only need to remember a master password.
Select providers with end-to-end encryption for vault items; this means the provider cannot access stored passwords.
Password managers make it safer to navigate the online world, and anyone can get started with a free account.
2. Use two-factor authentication
Two-factor authentication (2FA) requires two verification methods. After entering a password, users verify their identity via SMS, email, an authenticator app, or a security key. This makes account access significantly harder for criminals.
Authenticator apps and security keys offer stronger protection than SMS, but any 2FA is better than none.
3. Don’t click on unrecognizable links or attachments
Phishing attacks cost organizations an average of $4.88 million per incident and account for 15% of all breaches. Scammers use social engineering to trick users into clicking on malicious links or revealing information.
To protect yourself:
Verify sender name and email address match the institution
Hover over links to confirm the destination
Avoid clicking links in general; they can be designed to deceive
Call the institution directly if something seems off
Never click attachments from unknown senders
4. Avoid public Wi-Fi for e-commerce transactions
Avoid public Wi-Fi for transactions; the purchase can wait until individuals have access to a much more secure network. As the FTC notes, there’s no guarantee public Wi-Fi is secure.
Looking for even more suggestions to stay secure online? Check out the ‘Holiday Online Safety Tip Sheets’ from CISA.
Get started with Bitwarden
Ready to protect your accounts? Quickly set up a free Bitwarden account, or keep your team protected online by initiating a 7-day free trial of our business plans.