November 14, 2016 By Douglas Bonderud 2 min read

No longer considered Black Friday’s little brother, Cyber Monday is now a commercial force in its own right. As noted by CBS News, the e-commerce event has garnered more “editor’s choice” deals on high-profile sites than its older sibling. However, Help Net Security points out that online shopping security is also making an impact: A Computop survey found that 62 percent of shoppers plan to avoid shopping this Cyber Monday. So what’s behind this purchasing pause?

The Digital Divide

According to the survey, 76 percent of shoppers plan to order from online sites this holiday season, yet almost the same amount are sidestepping Cyber Monday shopping. This digital divide stems in part from increasing consumer savvy: 71 percent of consumers now check to see if sites have eTrust or secure sockets layer (SSL) certificates, while 64 percent are more careful about how and where they provide credit card information. Additionally, 61 percent have looked into the liability policy associated with their primary method of payment.

What’s more, 74 percent of respondents said they were “concerned” about disclosing credit card info online. This sets up an interesting dynamic; consumers see the benefits of web-based purchasing but are increasingly worried about online shopping security.

Case of the Mondays?

So why does Cyber Monday get singled out as the day to avoid? The simplest answer is high traffic volumes. Do a quick search for “Cyber Monday safety” and a variety of guides pop up, all aimed at helping consumers avoid scams during the shopping extravaganza.

Lifewire, for example, suggested looking for Monday deals using a store’s official website rather than a search engine to avoid phishing scams and fake apps and warned users to avoid email and pop-up coupons that offer deals that look too good to be true.

Since so many shoppers are eager to track down great bargains, the sheer volume of credit-ready web traffic to major retailers makes Cyber Monday an ideal attack vector for cybercriminals. Other events, such as Alibaba’s Singles’ Day, take in even more money than the post-Black Friday bonanza. As noted by Fortune, the online event registered more than $1 million worth of sales in just five minutes this year, making it another high-profile target for fraudsters.

Online Shopping Security Challenges

While secure e-commerce portals can help cultivate an entirely new group of consumers, even minor online shopping security problems may encourage users to visit physical stores or prioritize online shopping outside the confines of traffic-heavy Cyber Monday.

Expect this issue to get worse before it gets better. With consumers more tech-savvy than ever and other shopping events doing significantly more business than their stateside counterparts, keeping credit details close to the chest may be the best interim option until retail sites offer better authentication and guaranteed safe transactions.

More from

Change Healthcare discloses $22M ransomware payment

3 min read - UnitedHealth Group CEO Andrew Witty found himself answering questions in front of Congress on May 1 regarding the Change Healthcare ransomware attack that occurred in February. During the hearing, he admitted that his organization paid the attacker's ransomware request. It has been reported that the hacker organization BlackCat, also known as ALPHV, received a payment of $22 million via Bitcoin.Even though they made the ransomware payment, Witty shared that Change Healthcare did not get its data back. This is a…

Phishing kit trends and the top 10 spoofed brands of 2023

4 min read -  The 2024 IBM X-Force Threat Intelligence Index reported that phishing was one of the top initial access vectors observed last year, accounting for 30% of incidents. To carry out their phishing campaigns, attackers often use phishing kits: a collection of tools, resources and scripts that are designed and assembled to ease deployment. Each phishing kit deployment corresponds to a single phishing attack, and a kit could be redeployed many times during a phishing campaign. IBM X-Force has analyzed thousands of…

How I got started: AI security researcher

4 min read - For the enterprise, there’s no escape from deploying AI in some form. Careers focused on AI are proliferating, but one you may not be familiar with is AI security researcher. These AI specialists are cybersecurity professionals who focus on the unique vulnerabilities and threats that arise from the use of AI and machine learning (ML) systems. Their responsibilities vary, but key roles include identifying and analyzing potential security flaws in AI models and developing and testing methods malicious actors could…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today