Even prior victims of online theft can't resist Cyber Monday bargains.
Among more than 1,000 shoppers surveyed by credit score company TransUnion (TRU) , 94% of those who had suffered cyber attacks said they would shop online Monday, as retailers and online thieves gear up for a banner day. Of the victims, 71% said they were hacked during the holidays.
Online crooks have put seasonal twists on old tactics such as bogus emails containing links to malicious sites and now are using social media, mobile messages and other tactics to separate shoppers from their cash.
"During the first few years of Cyber Monday" -- the term was coined in the middle of the last decade -- "there weren't a lot of scams or things like that around the holidays," said Bruce Snell, cybersecurity and privacy director of Intel's (INTC) security arm. "With recent activity that we've seen, we'll definitely see an increase in scams via social media or phishing via email or even though [text messages] that are trying to trick people into clicking on these links."
Cybercrooks know that shoppers will be looking for, and expecting to find, major savings on Monday. They will send deceptive emails or create fake ads that use shoppers' eagerness to find a bargain against them.
"They'll promise things like extreme discounts on hot new items, coupons or 'enter to win' [contests]," Snell said. "These are things that people are looking for already when they are trying to find deals. The cybercriminals are definitely going to take advantage of that."
Facebook (FB) ads, for example, present an opportunity.
"You've probably seen on Facebook where somebody will share a picture from some obscure product or website. It says, 'Like and share this picture to win whatever,'" Snell said. "That's the sort of thing that cybercriminals use to get people to start clicking on their sites."
Your mobile phone also may put you at risk, as counterfeit apps proliferate. "These will be apps that will mimic, let's say, Nike (NKE) or pick your large retail establishment," Snell said. The bad guys are also increasingly targeting iPhone users, he added, sending phishing messages that ask people to validate an Apple (AAPL) log in.
Jim Cramer and Jack Mohr, who co-manage the Action Alerts PLUS portfolio, our club for investors, wrote in their latest research note on Facebook that the social media giant "remains one of the best long-term growth stocks." Click here for a free 14-day trial membership to AAP to see why.
On a simpler level, consumers' searches for Cyber Monday bargains also can provide an opening for cybercriminals, Fran Rosch, general manager of Symantec's (SYMC) Norton unit, said in an emailed statement.
"For example if a consumer searches for 'Top Cyber Monday deals' or 'Best value Cyber Monday' and they click the malicious link, they could be led to a malicious site that will either try to trick them into purchasing goods that are fake or never arrive, or even download malicious software onto their device," Rosch wrote.
Complacency about clicking on links sent from unfamiliar email accounts increases consumers' vulnerability, according to Rosch. A Norton survey found that 29% of cybercrime victims did not have passwords for their home WiFi. Close to half do not use a virtual private network when connected to a public WiFi network, and about 40% of U.S. shoppers either can't distinguish a phishing email from a legitimate message or have difficulty telling the difference.
"This complacency is taking place while hackers are honing their craft and adapting their scams to take advantage of consumers, and Cyber Monday is no exception," Rosch wrote.
The advice for staying safe on Cyber Monday is the same as the other 364 days of the year.
"Make sure you don't click on a link from someone you don't know and don't click on a link from someone you know if you aren't expecting it," Snell said. A message from a friend's hacked Facebook Messenger account could contain a malicious link. "People are much more inclined to click on a link from a messenger window because they think I must know this person," he said.
Also be careful when downloading apps. "Use your mobile browser and go to the website itself. There is usually a link at the bottom for the app, or at the top of the webpage there will a box that says 'open in the app' or 'view the app in the app store,'" Snell advises.