Expert offers security tips for Cyber Monday shoppers to protect themselves from scammers

As consumers surf the internet to find the best Cyber Monday deals, Virginia Tech’s cybersecurity expert Gang Wang forewarns shoppers to be on the lookout for scammers who are particularly active during this time of the year and target shoppers who are searching for deep discounts online.

Wang offers the following security tips for consumers to consider while shopping online.

  1. Be careful when shopping on a mobile device

Be extra careful if you shop using a mobile browser. Scammers often create bogus websites whose URLs look like the ones of reputable merchants to deceive users. Because the mobile browser has a much shorter address bar, you might not see the full URL on your phone. Sometimes the mobile browser may even hide the URL altogether. A better alternative is to use the merchants’ native apps. Make sure you download the apps from the official app store. Don’t install any apps from web links or code.

  1. Don’t click on the email links

Don’t click on the links in an unsolicited email, no matter how appealing the discount looks. Often times, a phishing email looks like something sent by a popular merchant, your bank, or even someone you know. The link may lead you to a bogus website that aims to lure you to enter your credit card information.

  1. Use secure network connections

When visiting a website, make sure you use a valid “HTTPS” connection, not “HTTP.” Most modern web browsers have security indicators on the address bar for HTTPS.  HTTP is vulnerable to “man-in-the-middle” attacks. Someone can steal your credit card information by monitoring your HTTP network traffic.

About Wang

Wang is an assistant professor in the Department of Computer Science in Virginia Tech’s College of Engineering. His research focuses on security and privacy in online communities, data-driven models of user behavior, security of mobile and wearable devices. Earlier this year, Wang was part of a research team to conduct the first ever large-scale and systematic study about how Android apps can conspire to mine information from smartphones.