Deal or no deal? The Black Friday edition.

During last year's festive shopping period, over 28,000 people reported falling victim to online shopping fraud with losses totalling £15.4m.


Today, (Monday 22nd November) Action Fraud has launched a national campaign about shopping online safely designed to spread awareness of some simple and practical steps people can take to help the public shop online securely.



Whether you are online shopping for yourself, for your employees or for a secret Santa, cybercriminals will not spare you simply because you're doing something nice. Sadly, there are many ways cybercriminals will try to take advantage of consumers during the festive shopping period.


How can you protect yourself when shopping online this Christmas?

Most victims of online shopping fraud in the 2020 festive shopping season were aged between 20-49 years old. This may come as a surprise as these are individuals who you might believe are fairly tech savvy. Many of us are spending more time than ever shopping online, the below online shopping guidance can help you to avoid scam websites, and purchase items securely.

Be aware of attempted Phishing attacks:

Some of the messages you receive about amazing offers may contain links to fake websites. If you're unsure about a link, don't use it and go separately to the website. Report suspicious emails you receive by forwarding them to report@phishing.gov.uk. You can also report suspicious text messages by forwarding them to 7726.


Shop securely online:

when it's time to pay for your items, check there's a closed padlock icon in the browser's address bar. Use a credit card when shopping online, if you have one. Most major credit card providers protect online purchases.


Ready to checkout? Do it securely:

Make sure that your really important accounts (such as your email account or online shopping accounts) are protected by strong passwords that you do not use anywhere else. Do not access personal accounts via work devices as this increases your risk of your work devices being impacted by any cyber attack you may fall victim to.


If things go wrong:

If you've lost money to online shopping fraud, tell your bank and report it as a crime to Action Fraud. By doing this, you'll be helping to prevent others becoming victims of cybercrime.


How can you help to protect your business this Christmas?


Use strong passwords and store them securely Passwords are you first level of protection when it comes to securing your online accounts or customer data. Complex passwords can often be difficult to remember, which often leads to people choosing weaker passwords or repeating them across multiple accounts.


Double up your cyber protection

Two-factor authentication otherwise known as 2fa, two-step verification or multi-factor authentication was designed to help stop cyber criminals accessing your accounts even if they obtain your passwords.


Regularly backup your data and isolate it

Think about how much you rely on your business-critical data, such as customer details, quotes, orders, payment details or coursework/examination files for education establishments. Now imagine how long you would be able to operate without them.


Pay attention to detail

Human error is one of the main contributing factors to the majority of cyber security breaches, in fact its reported that 95% of cyber security breaches are primarily caused by human error.

Whilst people can often be the weakest link in the chain, if educated they can become your strongest asset in protecting your business. Cybercriminals will try to lure in your employees through a tactic known as Social Engineering. This is when a person is led into taking an action such as clicking on an infected link in an email or opening the infected email itself (a phishing email).



Become a core member of the SECRC today (for free) to receive regular cyber security guidance that is easy to digest and to follow.

To help businesses outsmart cyber criminals and toughen up their cyber security, the Cyber Resilience Centre for the South East (SECRC), has been established to provide businesses, schools, charities and third sector organisations, with an affordable way to access cyber security services designed to help improve cyber resilience.


We offer a free core membership to businesses in the South East, becoming a member will enable you to receive a welcome pack full of practical resources and tools, designed to help you identify your risks and vulnerabilities and the steps you can take to increase your levels of protection. Through your membership, you will also get regular updates on new threats, designed to help you stay safer.


Sign up via http://www.secrc.co.uk/membership or get in touch with us to receive a one to one consultation to see how we can support your business.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the South East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the South East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the South East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the South East is not responsible for the content of external internet sites that link to this site or which are linked from it.