Regarding safe online shopping, numbers are the best introduction I can deliver:

According to a study from the Ponemon Institute, 65% of employees admit to using their company computers for personal shopping at least once a week. Of those, 25% say they use their company computers for shopping more than once a day.

Astonishing statistics for holiday online shopping in 2023

• Total holiday retail sales in the U.S. are projected to reach new highs of 957 billion U.S. dollars, up over 3% from 2022 ¹.
• Holiday online retail sales in the U.S. should amount to nearly 254 billion dollars, ³.
• Cyber Monday 2023 was the biggest online shopping day in U.S. history, with revenue figures hitting approximately 12 billion U.S. dollars ⁴.
• Roughly 75% of Americans intend to do their Christmas shopping online in 2023⁵. 
• Shoppers will spend 6.7% more on holiday gifts this year ⁵.
• 42% of Americans are willing to take on debt due to gift shopping ⁶.

It’s Christmas on the deep web as well.

• There is a 30 % increase in the average number of ransomware attacks over the holiday period compared to other months. ⁷.
• 1 in 4 IT leaders don’t have a contingency plan to deal with a ransomware attack during the holiday ⁸.
• In the UK, there were over 17,000 reports of online shopping fraud, representing a loss of £13.5m – an average of £775 per incident ⁹.

Common Cyber Threats Faced by Online Shoppers

Online shoppers face increased cyber threats during December, including over 3 billion phishing emails sent each day:

Phishing scams and fraudulent websites: Cybercriminals create fake websites and emails that mimic legitimate e-commerce platforms, tricking users into entering their personal information and credit card details.

Malware and ransomware attacks: a 30% rise in attempted ransomware attacks during winter holidays. Malicious software can be downloaded through infected links or attachments, compromising devices and encrypting data, demanding a ransom payment for decryption.

Data breaches and identity theft: Experian says one in four consumers will be targeted by identity thieves. Data breaches compromise large databases of personal information, exposing individuals to identity theft, financial fraud, and other cybercrimes.

---

Give Your Workforce the Gift of Safe Online Shopping

To help your employees protect themselves from cyber threats while enjoying the convenience of online shopping, consider these ten essential tips:

1. Take the time to verify the website is the real thing — not an imitation.

(Credit: Rawpixel)

Only shop on websites that you trust and recognize. Look for the padlock symbol in the address bar (https://) and check for security certifications.

2. Don’t use your debit card for online purchases.

(Credit: Rawpixel)

Your main debit card might give hackers direct access to your bank funds.

Opt for disposable credit card numbers or mobile payment apps, limiting the potential damage if your card details are compromised.

3. Avoid using public Wi-Fi for online shopping.

(Credit: Freepik)

Public Wi-Fi networks are often unsecured, making them vulnerable to eavesdropping and interception of sensitive data.

4. Check out the seller.

(Credit: Freepik)

Before making a purchase, research who is doing the selling. Check for online reviews and read customer feedback.You can also use a tool like the BBB Scam Tracker to verify the seller’s legitimacy.

5. As always, be cautious about clicking links or attachments in emails.

(Credit: Rawpixel)

Phishing emails often contain links or attachments that lead to malicious websites or download malware. Always hover over links to see the actual web address where it will take you, and never open suspicious attachments.

6. Keep the software on your computer and smartphone up to date.

(Credit: Rawpixel)

Regularly update your operating systems, web browsers, and other software applications to ensure you have the latest security patches and protection against known vulnerabilities.

7. Be suspicious of products and posts on social media. 

(Credit: Rawpixel)

Cybercriminals often use social media platforms to spread phishing scams, fake deals, and malware-laden links. Be wary of unsolicited messages, links, and attachments, and never click on suspicious promotions or offers.

8. Use a trusted password manager.

(Credit: Rawpixel)

Create strong and unique passwords for all your online accounts, and consider using a password manager to store and manage your passwords securely.

9. It’s ok to lie on those shopping forms.

(Credit: Rawpixel)

Avoid oversharing personal information on online forms or social media platforms. Only provide the minimum information required to complete a transaction or create an account. There’s no reason an online retailer needs to know your birthdate, cellphone number, or your mother’s maiden name. Lie in the form or omit information if necessary.

10. Got scammed?! Get revenge.

(Credit: Rawpixel)

If you suspect you’ve been scammed, act promptly. Report the incident to your IT department, the Federal Trade Commission (FTC), your state’s attorney general, or even the FBI.

One more thing about safe online shopping

Cybersecurity is a collective responsibility, and every employee plays a vital role in protecting your organization’s assets and data. By equipping your employees with the knowledge, tools, and awareness they need to navigate the online shopping landscape safely and securely, you can significantly reduce the risk of cyberattacks and safeguard your organization during the holiday season and beyond.

Share this information with them.

And, if you need assistance educating your workforce and raising awareness about the risks of online shopping, look at our Cyber Library, where you can find cybersecurity resources branded for your organization, like our guide for safe online shopping.

Too busy to take care of your daily workflow to focus on educating your workforce?

Aware Force is here. We deliver timely, relevant content year-round — branded and tailored for your organization, reinforcing your team’s role as subject-matter experts.

Aware Force’s content is easy to use and ready to integrate with your existing cybersecurity programs.

It’s ideal for intranets, websites, internal social media, and your onboarding program.

We’re standing by to show you truly innovative ways organizations use Aware Force to engage their employees. (And the employees let them know how much it’s appreciated.

---

Sources:
1,2,3,4,5: statista.com
6: capitalcounselor.com

7: darktrace.com

8: cybereason.com

9: National Fraud Intelligence Bureau (UK)