Billions of pounds will change hands online between now and Christmas, much of it this weekend, and a worrying proportion will end up in the hands of cyber criminals.
But there are simple steps you can take to avoid joining their victims.
Yesterday was Black Friday, considered to be the beginning of the main gift buying season, and, according to credit card provider MBNA, UK shoppers were expected to spend close to a billion pounds, up from £810 million last year.
Cyber Monday after the weekend should be almost as lucrative for retailers. A total of £720 million was spent in 2014, a significant amount of it over the internet.
There is no secret to the appeal of online shopping. It is quick, easy and available 24 hours a day, and there is no need to struggle, weighed down by bags, through crowds and bad weather to do it.
Alan North, MBNA’s director of credit and analytics, said: “Online shopping is turning our traditional spending habit on its head. While some of us are still content to brave our Christmas shopping in the final few days, many more are now taking advantage of the promotions driven by Black Friday and Cyber Monday.”
Over a third of adults say they have shopped on the internet more than ever before this year, and almost as many plan to make online purchases over the next few days, Sainsbury’s Bank says.
However, many could end up parting with more cash than they bargained for. One in ten of those taking part in the bank’s survey said they had been the victim of one or more online fraud experiences, including paying for an order that never arrived, having card details stolen, or being duped into divulging them on a fake website.
Simon Ranson, Sainsbury’s head of banking, said: “If you’re planning to do any shopping online – no matter what time of year – make sure you keep your personal information and credit or debit card details safe.”
The Scottish Government is particularly concerned about this type of crime in the run-up to Christmas and is encouraging everyone to take steps to protect themselves.
Deputy First Minister John Swinney said: “Cyber-attacks can happen to any individual or organisation no matter of size or geography.”
Safeguard the information on your computer and mobile devices by keeping software up-to-date so you benefit from important security upgrades. Install anti-virus protection and ensure firewall settings are turned on.
Guard mobile phones and tablets with screen locks and passwords, and avoid making purchases on shared computers or public wi-fi.
To ensure you don’t overspend, make a list of what you want to buy and have a clear idea of how much you can afford to pay. Compare costs on a range of sites, remembering to factor in delivery charges and the value of extras such as free extended warranties.
Buy only from secure sites. The address, or URL, should begin with “https” rather than just “http” and there should be a small closed padlock symbol in the address bar.
Be vigilant for copycat sites designed to fool you into parting with your card details. These can be quite convincing, so look out for spelling and grammatical mistakes that will give them away.
Also be wary of emails advertising special offers or discounts – the links may not be what they seem, leading instead to fake sites. If you want to follow them up, Google the correct address and type it into your browser.
If the prices are too good to be true, or anything else doesn’t feel right, close the page. You could end up with counterfeit goods – or an empty bank account.
If you are unfamiliar with a retailer or uncertain about a site, check it is trustworthy by searching for mentions on independent review sites.
Create a separate username and/or password for each site you plan to buy from, and make sure they are different to the ones you use for social media accounts and email.
Ensure passwords are as strong as possible by avoiding predictable words and phrases, such as family names and birthdays. Use a mixture of lower case and capital letters, numbers and symbols. Never reveal passwords or PINs to anyone.
Before making a purchase, read the site’s terms and conditions, delivery information and returns policy, and make a note of its contact details in case you change your mind or encounter a problem. Reputable businesses provide a head office address, not just a PO box, email address or mobile number.
Never let a site store your card details on its server for future purchases – it is worth the effort of inputting them each time you buy to keep them confidential.
Paying by credit rather than debit card offers additional protection if the item costs over £100. If your purchase goes missing in the post, is damaged or faulty, or the company goes bust, you can pursue the card company for a refund under Section 75 of the Consumer Credit Act.
For smaller purchases, consider using PayPal. It takes minutes to set up an account, doesn’t cost anything and enables you to shop without sharing your financial details. For more information, see PayPal.com.
When you complete a purchase, save and print out your confirmation email as proof of what you have paid for, and be sure to log out of the site fully, so no one can go in and impersonate you.
Mr Swinney said: “It has been estimated that as much as 80 per cent of cyber-crime can be prevented by getting the basics right, such as updating software, good passwords and regular system back-ups.”
Why are you making commenting on The Herald only available to subscribers?
It should have been a safe space for informed debate, somewhere for readers to discuss issues around the biggest stories of the day, but all too often the below the line comments on most websites have become bogged down by off-topic discussions and abuse.
heraldscotland.com is tackling this problem by allowing only subscribers to comment.
We are doing this to improve the experience for our loyal readers and we believe it will reduce the ability of trolls and troublemakers, who occasionally find their way onto our site, to abuse our journalists and readers. We also hope it will help the comments section fulfil its promise as a part of Scotland's conversation with itself.
We are lucky at The Herald. We are read by an informed, educated readership who can add their knowledge and insights to our stories.
That is invaluable.
We are making the subscriber-only change to support our valued readers, who tell us they don't want the site cluttered up with irrelevant comments, untruths and abuse.
In the past, the journalist’s job was to collect and distribute information to the audience. Technology means that readers can shape a discussion. We look forward to hearing from you on heraldscotland.com
Comments & Moderation
Readers’ comments: You are personally liable for the content of any comments you upload to this website, so please act responsibly. We do not pre-moderate or monitor readers’ comments appearing on our websites, but we do post-moderate in response to complaints we receive or otherwise when a potential problem comes to our attention. You can make a complaint by using the ‘report this post’ link . We may then apply our discretion under the user terms to amend or delete comments.
Post moderation is undertaken full-time 9am-6pm on weekdays, and on a part-time basis outwith those hours.
Read the rules hereComments are closed on this article