The following precautions apply any time of year, but it’s worth reminding yourself of them every time a serious holiday season comes around. In the rush to get gifts sorted, it’s all too easy to miss a warning sign, or get complacent about online security. Keeping programs and operating systems up to date is important enough that Microsoft, Apple, Google, Mozilla, and all the other big names in tech now make it difficult for anyone to lag behind with their updates—most of the time you’ll be prompted regularly to install new versions of your software, and it might even happen automatically in the background without you noticing. Today’s browsers, apps, and OSes are adept at spotting scams as they happen, whether it’s phishing emails (designed to lure you to a fake shopping or banking site) or unauthorized logins on your accounts. To make the most of this built-in security, ensure you’re running the latest versions across the board, which means the latest security patches—if you’ve been putting off updates on your phone or your computer, then get them done ahead of Black Friday. If you do have a laptop that’s too old to run the latest versions of Windows or macOS, avoid using it if possible—you’ll be safer shopping on your phone, as long as it’s running the most recent Android or iOS updates. On Android, you can check for updates via System and System Update in Settings; on iOS, it’s Settings and then General and Software Update. You’re likely to be inundated with special offers over email and social media this Black Friday, but be careful when it comes to clicking through on deals that come from suspicious sources (stores you’ve never shopped at before, for example). Always check that the link you clicked sent you to the website you were expecting to visit. There’s no hard and fast way to guarantee you’ll never get caught out by a dodgy link (apart from just ignoring them all completely), but you can minimize the risk: Check that the social media account or email address sending the link is genuine, head to the site in question in a separate browser window to see whether you can find the same offer advertised, and be sure the offer you’re looking at is the one that was promoted. If your browser is up to date, as we mentioned above, dangerous links should be blocked before you reach them, but we’d still recommend being wary. You’ll see some great offers advertised over social media and email, but no discount is worth the risk of exposing yourself to scammers. We’re not saying you should never shop at smaller outlets, but make sure they’re using HTTPS technology (indicated with a padlock in your browser’s address bar). Look for contact details, an office with a physical address, and reviews left by other users (Trustpilot can be helpful here). See if they’re on Twitter and Facebook—and whether those accounts are actually active. Debit and credit card issuers will usually protect you against fraud—check their policies online if you’re not sure about yours—but nevertheless, keep an eye on your bank accounts throughout the Black Friday weekend to make sure only the amounts you’re expecting to be debited are going out. Retailers change their prices all the time—especially online—so a “big discount” you see might only apply to whatever the price was last week, not what it’s been over the course of the past year. Price trackers such as CamelCamelCamel can help you work out whether you’re getting a genuine bargain or just something that was already heavily reduced. As always, keep your accounts locked down and protected on Black Friday. Use strong, unique passwords for all your accounts (a dedicated password manager or your browser’s password management system can help here), and turn on two-factor authentication on every account that offers it (Microsoft, Apple, Google, Facebook, and Twitter ones all do, for a start). While it may seem convenient to quickly set up a new shopping account with your “usual” password, it only takes one account sharing the same password to get exposed, and all the others can come tumbling down after it. If you’re using the latest versions of Chrome and Safari, you’ll notice you can now use a strong password suggested by your browser (the option should pop up automatically when you’re in a password field). If you’re planning on shopping at outlets where you haven’t purchased anything before, it’s a good idea to get these accounts set up ahead of time—this means you aren’t rushing when it comes to thinking up new passwords and entering potentially sensitive information into your web browser. Many places that you’re shopping at on Black Friday and Cyber Monday will already have your payment info on file, but if you’re entering details into a new site, again make sure the padlock symbol is showing in the address bar—the full URL should also begin “https://”, which indicates that your payment details will be encrypted in transit. If you’re on vacation or out of town, we recommend waiting until you get back home before buying anything—or at least using the cellular data on your phone to make a connection rather than a public Wi-Fi hotspot, as it’s much harder for hackers to intercept your details (or look over your shoulder as you’re typing them). If you are shopping in-store, be careful to guard your PIN numbers and other sensitive details when you’re surrounded by crowds—or even just one shop assistant. As tempting as Black Friday offers might be, it’s usually a good idea to shop in as few places as possible, if you can: The fewer companies that hold your payment data, the less likely you are to be victim to a data breach, and the risk of those breaches are really down to the company’s security policies rather than any precautions you can take.
