Following numerous Amazon ads shadowing my moves around the internet since Monday, Black Friday is finally here.
But who could have predicted the frenzy it would generate! Police in Manchester even took to Twitter, pleading “Keep Calm People!”
With fisticuffs at dawn, quite literally, in the brick and mortar stores, virtually it’s equally frantic. An online tool, powered by web services company Postcode Anywhere, that tracks spending at 9,000 online retailers such as retailers including: Tesco, Boots, Sports Direct and other large UK departments stores, recorded a massive spike in online transactions between 6am this morning and 11am – topping off at just over 40K.
Apparently, that’s 488 per cent more transactions this morning compared to a normal shopping day in November.
Will There Be Hidden Costs?
While I’m all for grabbing a bargain, and at some point I might take a look at the ‘deals’ being offered today, there is a word of caution. With so much money changing hands – guaranteed there’ll be a few ‘Grinches’ looking to capitalise on the activity.
In the last 12 months there has been a multitude of retailers holding their hands up to PoS (point of sale) breaches: Target, Home Depot, Staples – unfortunately the list really does go on. Why? Well, according to a recent blog posting by David Schreiber of Tenable, many merchants are ‘relying on security practices that Old Saint Nick would describe as naughty.’
PCI-DSS (the Payment Card Industry Data Security Standard) is a global security standard which was set up to help businesses process card payments securely and reduce card fraud. Has it worked? Schreiber said: “When it comes to PCI, the goal of many merchants is not achieving better security, it is achieving compliance.”
A further element, particularly so this Black Friday/Cyber Monday weekend is the increased popularity of mobile payment solutions – such as Barclays Pingit, Google Wallet, Apple Pay, etc. A separate Tenable blog, this one by Jeffrey Man, confirms that the PCI Council has not released any kind of standard with regard to mobile payment systems.
According to his post, one of the Council’s concerns is that “the technology is evolving so quickly, any standard that they produce could be obsolete before it was ever released”.
The numbers speak for themselves. Tenable created an infographic, to help highlight security issues that may occur this long shopping weekend, titled ‘Are the Security Practices of Retailers Naughty or Nice This Holiday Season?’
Spread a Little Holiday Cheer
Making the retailers step up and secure their systems is one way to protect our transactions – but that’s not going to happen overnight.
So, in the meantime, senior security analyst of AppRiver Troy Gill has some advice: “Don’t be fooled by emailed delivery or purchase receipts – if you didn’t order it, don’t click on it. Take a few minutes several times a week to log in to your credit and debit card accounts to review all charges and verif
y that they are legitimate.
“It’s best to avoid making online purchases while connected to a publicly-available WiFi signal since it leaves you vulnerable to attack. Fake products are often promoted via spam emails so a simple rule of thumb is to refrain from taking action on the content of any unsolicited emails – don’t click links, open attachments or make investment decisions.
“Fake promos also appear online, particularly this time of year, offering huge discounts. Stay away from questionable websites and make smart choices when navigating from search engine results to web pages. If it’s too good to be true then it probably is.”
In terms of practical steps you can take to stay safe, Troy added: “Make sure your computer’s software remains up to date, and go ahead and uninstall unused software programs because all too often they become forgotten, unpatched and create yet another target option for attackers.”
And with that, I’m off to grab a bargain. Till next week, stay safe.
Dulcie McLerie is a director of Smile on Fridays
