Scammers stole millions last Christmas. These six tips could keep you safe online this time around

NCSC issues advice for online shoppers as cyber criminals gear up to take advantage of the busiest time of year for retail purchases.

How did my credit card details get stolen and used half the world away?

The National Cyber Security Centre (NCSC) is urging people to be careful when shopping online in the run up to Christmas as cyber criminals step up campaigns to steal money, credit card information and more during the busiest time of year for retailers.

Last year's Christmas shopping period, from November 2019 to January 2020, saw cyber criminals make off with a total of £13.5 million as a result of online shopping fraud – averaging out at £775 per incident across 17,405 cases reported by the National Fraud Intelligence Bureau.

SEE: Meet the hackers who earn millions for saving the web, one bug at a time (cover story PDF) (TechRepublic)

And with even more people expected to be doing their Christmas shopping online this year because of ongoing coronavirus restrictions, the NCSC, alongside the Home Office, the Cabinet Office and the Department for Digital, Culture, Media and Sport (DCMS), has launched a 'Cyber Aware' campaign.

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)

The campaign lists six things to help protect shoppers against phishing emails, malware and other malicious cyber activity – and provides information on how to set up these additional protections: 

  1. Use a strong and separate password for your email
  2. Create strong passwords using three random words
  3. Save your passwords in your browser
  4. Turn on two-factor authentication (2FA)
  5. Update your devices and apps
  6. Back up your data

By following this advice, people can not only better protect themselves from falling victim to cyberattacks, additional security on their devices can also provide better protection against cyber criminals attempting to exploit the phones and laptops people use while working from home to gain access to a corporate network.

Organisations can also play a role in helping their employees stay safe online by providing services including two-factor authentication and cloud-based backups.

"Technology will play an essential role over the festive period, with more people shopping online than ever before. Scammers stole millions from internet shoppers last Christmas – but by following our advice, you can protect yourself from the majority of their crimes," said Lindy Cameron, chief executive of the NCSC.

SEE: Ransomware victims aren't reporting attacks to police. That's causing a big problem

The Cyber Aware campaign is being supported by organisations including Microsoft, Vodafone, BT, ASOS, Barclays and Citizens Advice.

"If you are shopping online this year, spend the time you would have spent wrapping up warm to head out to the shops on checking your online security. If it feels suspicious or unusual it may well be," said Sian John, chief security adviser at Microsoft UK.

MORE ON CYBERSECURITY