TORONTO -- Black Friday may be a bargain-hunterâs dream, but experts say itâs also a perfect opportunity for hackers and scammers to steal your personal information.
According to recent research from cybersecurity firm McAfee, 33 per cent of Canadians have lost $500 or more in online scams so far this year, with an additional 40 per cent having been exposed to online phishing scams.
Worse yet, 36 per cent of those surveyed admitted to not checking an email sender or retailerâs website for authenticity before making an online purchase.
âThe most danger comes from these customized emails that target people,â Prof. Ali Dehghantanha, director of the Cyber Science Lab at the University of Guelph, told CTVNews.ca by phone Thursday.
âFrom emails that suggest youâll get a special discount, to someone claiming someone has used your Apple ID to buy something.â
Dehghantanha says these targeted campaigns prey on those who arenât paying enough attention to the emails coming into their inbox. But by following a few simple steps, the average consumer should be able to weed out the real deals from the fake.
Hereâs how to avoid falling victim to an online scam while shopping online this year:
MAKE SURE THE WEBSITE YOU ARE ORDERING FROM IS LEGITIMATE
A common trick cybercriminals use to trick people into handing over their credit card information is to set up a fake website that mimics a real retailer.
Before entering any personal information, make sure to double check the URL in your web browser. Often times, these websites will look nearly identical to popular shopping sites, but might misspell the retailer name in the web address.
Dehghantanha says consumers should also be sure to check for a secure connection before checking out.
Sites with a secure connection will display a lock symbol in the left hand side of the URL bar in your web browser. Secure sites will also start with âhttpsâ (the âsâ stands for secure).
âIf you donât see the lock, donât enter anything private,â said Dehghantanha.
Christine Beauchamp, spokesperson for Canadian Centre for Cyber Security, recommends that consumers take a critical eye to any website they come across via email or on social media.
âThey are often very rushed and may not look very professional,â Beauchamp says of the quality of fake websites.
Be sure to keep an eye out for poor spelling and grammar, poor picture quality, and poorly copied corporate logos.
CHECK LINKS BEFORE CLICKING
Scammers will often use a legitimate web address in the hyperlinked text of the email, but once you click on the link it takes you to a malicious website.
Before you click on any links in a suspicious email -- especially those with offers that seem too good to be true -- hover your mouse over the link to check the URL. A small yellow box will appear showing the actual web address the link will take you to.
If the link doesnât match the hyperlinked text, itâs likely malicious.
Also be sure to double check the spelling of the website. Attackers will often use a URL that has one misplaced letter â for example, linking to âCVTNews.caâ instead of âCTVNews.ca.â
STOP USING THE SAME PASSWORDS FOR EVERY ONLINE ACCOUNT
One of the easiest ways to fall victim to a data breach is to re-use your passwords. One hack can gift criminals with thousands of passwords, which they can use to try to access multiple accounts.
While youâre at it, make sure your passwords are secure.
Experts say passwords that use eight to 10 upper- and lower-case letters mixed with numbers are proven to be more secure. When choosing numbers to add to your password, be sure not to use anything that is easily identifiable, such as your address or date of birth.