{"id":13430,"date":"2016-11-14T10:41:46","date_gmt":"2016-11-14T15:41:46","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=13430"},"modified":"2019-11-15T06:51:52","modified_gmt":"2019-11-15T11:51:52","slug":"black-friday-survival-guide","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/black-friday-survival-guide\/13430\/","title":{"rendered":"Black Friday Survival Guide"},"content":{"rendered":"<p>Black Friday\u2019s coming, and that means huge rebates and sales. Actually, the hype has already started and the sales have begun. If you have ever tried shopping offline on that day, you probably vowed not to do it again. Ever. No matter what. Offline shopping on Black Friday and Cyber Monday hurts \u2014 sometimes <a href=\"https:\/\/youtu.be\/pBkGla-sYis?t=365\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">literally<\/a>.<\/p>\n<p>Why shiver on the street waiting for a store to open when you can shop while lying on your couch, right? Online shopping is really convenient, and you won\u2019t get crushed by a crowd of manic shopaholics.<\/p>\n<p>That\u2019s true, but online shopping has its own dangers, and Black Friday and Cyber Monday followed by Christmas sales are the high season for cybercriminals. As you are trying to get a shiny new TV or a pair of jeans for the price of a pair of socks, bad guys are trying just as zealously to steal your money. For example, as <a href=\"https:\/\/securelist.com\/analysis\/publications\/76615\/kaspersky-lab-black-friday-threat-overview-2016\/\" target=\"_blank\" rel=\"noopener noreferrer\">our statistics show<\/a>, the number of phishing pages that target financial data spikes by about one-third (about 9 percentage points) every Q4, which is really a lot.<\/p>\n<p>How do you stay safe and still have some fun shopping on Black Friday? We have advice for you, but first let us describe the most common types of scams that might await you during this season of sales.<\/p>\n<h3>Beware of fake shops<\/h3>\n<p>The fact about online shopping that amuses me the most is that you basically exchange your money for a promise to deliver something to you. Really, during that 1\u20137 day period, your money is already gone and all you have is an e-mail saying that your precious something is on the way.<\/p>\n<p>Not all promises are kept, and sometimes bogus shops have nothing to back up their promises. They get your money or your credit card data and disappear. These shops tend to have three things in common:<\/p>\n<ul>\n<li>You\u2019ve never heard of them;<\/li>\n<li>They rely heavily on advertising;<\/li>\n<li>They have really breathtaking deals: a brand new iPhone for $200 or something like that.<\/li>\n<\/ul>\n<p>If you see a deal that is too good to be true, it\u2019s not true, so don\u2019t fall for it. And on Black Friday and during other hyped sale days, it\u2019s better to stay on the safe side and buy only from the online stores you already know.<\/p>\n<p>One more thing: Criminals also try to mimic popular shops to steal your credit card data. So check the URLs carefully. If it\u2019s BustBoy.com or something like that instead of BestBuy.com, don\u2019t do anything on the site, and especially don\u2019t input your financial data in its forms.<\/p>\n<h3>Don\u2019t be fooled by fake delivery messages<\/h3>\n<p>Phishing relies heavily on social engineering, and social engineering in turn relies on your wanting something or being accustomed to something. So if you ordered a bunch of stuff and are waiting for the packages to show up at your door \u2014 as people do around this time of year \u2014 an e-mail entitled \u201cInformation about your order\u201d or \u201cDelivery confirmation from SomeMart\u201d might seem legitimate, and important enough for you to open it and even download the attachments or follow the links in it.<\/p>\n<p>That simple scenario is the essence of holiday shopping social engineering. The letter is not necessarily legitimate; it could be a fake sent by criminals who want to lure you into downloading malware such as banking Trojans or ransomware, or sending them your personal data. So before opening such letters make sure the e-mail address of the sender seems right (from <em>someone@bestbuy.com<\/em>, not <em>someone@bustboy.com<\/em>).<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">10 Tips to protect yourself from <a href=\"https:\/\/twitter.com\/hashtag\/Phishing?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#Phishing<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/ITEducation?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#ITEducation<\/a> <a href=\"https:\/\/t.co\/gg888NWSmQ\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/gg888NWSmQ<\/a> <a href=\"https:\/\/t.co\/XxPwFLz8bf\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/XxPwFLz8bf<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/665208665125842944?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">November 13, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h3>Know your contacts<\/h3>\n<p>So, Black Friday and Cyber Monday were fruitful for you and you purchased a lot of useful stuff. And then you receive a message that seems to be from your bank telling you they detected suspicious activity on your credit card. They ask you to call a number to verify that all the actions with your card were really performed by you.<\/p>\n<p>That\u2019s rather easy to believe considering how many things you bought in various places, but don\u2019t rush to call that number in the message \u2014 you might reach cybercriminals who want to lure you into giving them your credit card data. Instead, find the official number of your bank support desk and call it. If there really was suspicious activity, they\u2019ll tell you what to do.<\/p>\n<h3>Other schemes<\/h3>\n<p>The possibilities for phishing during Black Friday sales seem infinite, and criminals push their imaginations to the limit to deceive people. Just one example, some phony site might offer a chance to win free gift cards in exchange for your information. Of course, there are no cards. There\u2019s no such thing as a free lunch.<\/p>\n<p>Another website might entice with cheap coupons that will save you a bunch \u2014 at least that\u2019s what they say. Of course, legitimate coupon sites do exist, but there are also fake ones, where you\u2019ll trade several dollars for nothing.<\/p>\n<p>Those are just the tip of the iceberg; cybercriminals have to come up with new ideas rather frequently, as people wise up to their old methods. Let\u2019s sum up some general tips on how to stay safe.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kis-top3\">\n<h3>Staying safe<\/h3>\n<p>Staying alert requires some concentration and people might complain that it spoils the fun, but losing money is a lot worse. We urge you to keep your eyes open at all times \u2014 and during Black Friday, Cyber Monday, and Christmas sales, when cybercriminals are more active than usual, be even more alert than usual. Therefore, we suggest you:<\/p>\n<p>1. Know what phishing is and <a href=\"https:\/\/www.kaspersky.com\/blog\/phishing-ten-tips\/10550\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">how to avoid it<\/a>.<\/p>\n<p>2. Don\u2019t click on suspicious links \u2014 they might lead to malware.<\/p>\n<p>3. Always double-check that webpages, letters, and text messages are genuine.<\/p>\n<p>4. Install a <a href=\"https:\/\/www.kaspersky.com\/internet-security?icid=gl_kdailyplacehold_acq_ona_smm__onl_b2c_kasperskydaily_wpplaceholder____kismd___\" target=\"_blank\" rel=\"noopener nofollow\">good security solution<\/a> just in case something goes really wrong. For example, Kaspersky Internet Security can detect phishing sites and keep you safe from different kinds of malware.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybercriminals consider Black Friday and Cyber Monday a great time to steal your money. Here are a few tips on how to stay safe and still have fun.<\/p>\n","protected":false},"author":696,"featured_media":13431,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2683,9],"tags":[200,199,76,227,131],"class_list":{"0":"post-13430","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"category-tips","9":"tag-black-friday","10":"tag-cyber-monday","11":"tag-phishing","12":"tag-shopping","13":"tag-tips"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/black-friday-survival-guide\/13430\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/black-friday-survival-guide\/6543\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/black-friday-survival-guide\/10429\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/black-friday-survival-guide\/7960\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/black-friday-survival-guide\/7947\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/black-friday-survival-guide\/9525\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/black-friday-survival-guide\/9319\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/black-friday-survival-guide\/13592\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/black-friday-survival-guide\/2640\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/black-friday-survival-guide\/6735\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/black-friday-survival-guide\/5656\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/black-friday-survival-guide\/9205\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/black-friday-survival-guide\/4979\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/black-friday-survival-guide\/13242\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/black-friday-survival-guide\/13592\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/black-friday-survival-guide\/13430\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/black-friday-survival-guide\/13430\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/phishing\/","name":"phishing"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/13430","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/696"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=13430"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/13430\/revisions"}],"predecessor-version":[{"id":30101,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/13430\/revisions\/30101"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/13431"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=13430"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=13430"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=13430"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}