“Nykaa is offering festive gifts to you–choose from a refrigerator, air conditioner, TV and an iPhone,” said a customer service executive on call. “You just need to open the Nykaa app on your phone and pay 5000 bucks and you will be able to avail the offer,” he added. When 29-year-old Anushka from Delhi denied it, they insisted on taking her time and deciding. They called her thrice to confirm before she threatened them to complain to the cyber cell.
Similarly, Payal Choudhary, 35, got her credit card used recently by hackers. Someone from the USA used it to buy pizzas and burgers. Another case happened with Punit Ahuja from Delhi, who got a call from someone who claimed to know him and his family very well and asked him to transfer some random amount which was transferred by him to Ahuja’s father.
Understanding risks
This all has happened in the past couple of days. And there must be many more incidences like that. As the festive season approaches, the excitement of shopping and celebrations also brings an increase in cybercrime risks. Cybercriminals are particularly active during this time, capitalizing on the heightened online activity and consumer spending.
According to cybersecurity firms, phishing attempts saw a 40% rise during the festive shopping period, targeting consumers with fake offers and promotions. Data from the National Cyber Crime Reporting Portal indicates that e-commerce fraud incidents have increased by 30% during major festivals such as Diwali, with many consumers falling prey to counterfeit websites and fake deals.
"Cybercriminals are persistent throughout the year, but during the festive season, their activity tends to go up," says Saif Ahmad Khan, Founder of LEDSAK. "The increase in online shopping coupled with discounts allows fraudsters to defraud many consumers." Phishing scams, fake shopping sites, and phoney payment portals are just a few tactics employed by these criminals.
Parag Khurana, Country Manager for India at Barracuda, highlighted that the festive season is critical for retail businesses, with a growing share of shopping being conducted online. He noted that “with increased web traffic and many people looking for bargains, the festive season has become a top target for cybercriminals.”
Prevent yourself from Cyber Fraud
Secure Booking Channels
The festive season means there are more travel and hotel bookings. Pranav Dangi, CEO and Founder of The Hosteller emphasizes the importance of secure booking methods. "We always encourage our guests to book directly through our official website and trusted travel platforms to avoid fraudulent third-party websites," he advises. This principle applies broadly to all online shopping—always use official channels.
Encrypted payments
Ensure that all online transactions are protected by end-to-end encryption. Dangi notes, "All transactions on our platform are secured through encryption to protect sensitive information." E2EE safeguards data from cybercriminals, ensuring that intercepted information remains unreadable. It enhances user privacy, ensures data integrity, and helps businesses comply with regulations like GDPR. Consumers can identify E2EE by looking for "https://" in URLs and security badges on websites. By prioritizing E2EE, businesses foster trust and create a safer online shopping environment for their customers.
Strong authentication
Enable two-factor authentication (2FA) on all your accounts. "This extra security measure can significantly mitigate the risk of unauthorized access," advises Manish Tewari, Co-Founder of Spydra Technologies. 2FA requires users to provide two forms of verification before accessing their accounts—typically something they know (like a password) and something they have (like a mobile device). This dual-layer approach makes it much harder for cybercriminals to gain access, even if they obtain a password. By activating 2FA on accounts, individuals can protect sensitive information, reduce the likelihood of identity theft, and enhance overall online security.
Use Trusted Payment Methods
Utilize secure payment options like credit cards or reputable third-party payment systems. "Refrain from providing bank account details directly," says Khan. "Using alternative payment methods can reduce your risk." Edul Patel, CEO of Mudrex, warns that “during festive seasons like Diwali, traditional markets are active, and money movements are high. Cyber attackers might come up with various investment schemes, phishing emails, and fraudulent giveaways.” He emphasizes the importance of verifying the authenticity of platforms before making transactions, using strong two-factor authentication, and regularly monitoring account activity.
Be Wary of Unsolicited Communications
Avoid clicking on links or downloading attachments from unknown sources. "Do not open unsolicited emails, messages, or ads that encourage clicking on links," cautions Khan. Scammers often use these methods to harvest personal information. Vinod K Singh, Co-Founder and CTO of Concirrus, advises, "In such situations, shoppers must be alert and aware of the ways cyber cons employ. It is important to check the legitimacy of retailers—looking for other payment methods, reading comments, and doing an in-depth search can save one from being scammed." He adds, “Shoppers should avoid messages like ‘limited-time offers’ or ‘account security alerts.’ Scammers use social engineering techniques to create pressure, which makes individuals act impulsively.”
Monitor Account Activity
Regularly check your bank and payment app statements for unauthorised transactions. Setting up alerts can help you catch suspicious activity early. Major Vineet Kumar, Global President and Founder of CyberPeace, e advocates for regular monitoring of financial transactions and the use of secure payment methods. He also encourages reporting cybercrimes to the appropriate authorities, highlighting the need for collective efforts in fostering a safer digital environment during this busy shopping period.
Educate Yourself About Scams
Understanding common scams is key to prevention. Nikhil Jois, Head of Growth at Bureau ID, notes, "Fraudsters use increasingly sophisticated techniques, so staying informed can help you recognize red flags." Raj Sivaraju, President of APAC at Arete, underscores the need for caution during this season: “The increase in online shopping creates prime opportunities for fraudsters to exploit. Be particularly wary of suspicious emails and links, as they may be attempts to steal personal information or install malware.” He advocates for organizations to educate both employees and customers about potential threats.
Avoid Public Wi-Fi for Transactions
Public networks, like those in cafes and airports, are highly vulnerable to cyberattacks due to their lack of security. Hackers can easily intercept data transmitted over these networks, exposing sensitive information like passwords and credit card details. To protect yourself, consider using a Virtual Private Network (VPN). A VPN encrypts your internet connection, creating a secure tunnel between your device and the VPN server, making it nearly impossible for anyone to access your data. This added layer of security is essential, especially for online banking or shopping, ensuring your personal information remains safe even on public networks.
Stay Informed About Security Updates
Ensure your devices have the latest software updates and security patches. "Regular updates can help protect against vulnerabilities," says Tewari. Peter Theobald, Advisor – Cybersecurity at Noventiq India, emphasizes the importance of vigilance during this time: “During the festival season, cybersecurity becomes crucial as increased transaction values heighten risks. Cybercriminals exploit festive shopping and event promotions, targeting personal data and financial information, hence you need to be more aware of phishing scams on email and phone. Do not fall for calls or robocalls impersonating the telecom department, courier companies, police, etc., and beware of offers that are too good to be true – they usually are fake.”
AI-powered scanning systems
Mohan Subrahmanya, Country Leader - India, Insight Enterprises, underscores that “cybercriminals frequently take advantage of the festive rush, so it is crucial for businesses to be vigilant in safeguarding their data and infrastructure by having a robust security strategy.” He suggests that organizations should implement AI-powered systems to continuously scan for vulnerabilities and enhance threat intelligence.
Quick Heal Technologies Ltd. has invested in R&D to tackle cybersecurity challenges. They recently uncovered a fake antivirus app, "AntiVirus - Virus Cleaner," on the Google Play Store, misleading over 1 crore users. CEO Vishal Salvi warns that such apps create a false sense of security, especially during the festive season.
Taking these precautions into account, being cautious and thinking critically will help consumers avoid the risks associated with online shopping during this festive season.
Cybercrimes and cyber complaints can be reported at cybercrime.gov.in and the National Cyber Crime Helpline number 1930.
You can also reach out to the CyberPeace helpline at +91 9570000066 for advice and assistance.