Cyber Monday Alert: Half of Consumers Unable to Determine Safety of Online Shopping Sites

With Cyber Monday just days away – the official start of the busiest online shopping month of the year – a new survey of American consumers finds that only half think they can determine the safety and legitimacy of online shopping sites and 35% claim to have stopped an online purchase because of security fears. Further, the Global Cyber Alliance (GCA) online survey of 1,019 U.S. consumers also reports that the fear of being scammed online causes 27% excessive worry and 12% to actually lose sleep.

The online holiday shopping season is also a boon to scammers, as more fake websites are launched than any other time during the year. Nearly 119,000 unique phishing sites were detected during November 2016, with more than 300 individual brands targeted, according to the Anti-Phishing Working Group. The brands with the most spoof-able websites included popular online retailers Amazon (82%), Walmart (36%), and Target (20%).

It is easy for scammers to trick users with websites that look like they are legitimate company websites – either a national brand name or a local store – but have a different IP address – something that most users would find very hard to confirm.

One method for scammers? Registering web domains that are misspellings of popular brands and destinations. According to the GCA survey, 77% of U.S. consumers have mistyped a website address into their browser and 68% have clicked on a link in an email that has taken them to a different site than they expected. Consumers and small businesses need a way of protecting themselves that is effective, automatic, and affordable. They cannot trust the names they see in their web browsers.

Last week, GCA, along with IBM Security and Packet Clearing House launched Quad9, a free service that protects both consumers and businesses from the most popular phishing websites. In four easy steps, computers can be configured to automatically check every link that is clicked on – or address that is entered – against a directory of millions of bad web addresses compiled from companies that specialize in categorizing online threats and scams. If a user tries to access a website that is on any of the lists of malicious websites, they are blocked from accessing the site.

“The cybersecurity burdens that we place on consumers are excessive. It is asking too much from consumers to navigate all the security risks they face.  Even experts make mistakes,” said Philip Reitinger, President and CEO of the Global Cyber Alliance. “We must do a better of job of creating solutions that provide security and privacy without the user having to worry about it. Quad9 does just that.”

Other findings from the GCA survey include:

Online Safety vs. Physical Safety

  • Only 16% of consumers fear a burglar breaking into their home more than an online hacker stealing personal information
  • Only 11% of consumers think that their mobile phone is more secure than the front door of their house

The Threat is Real

  • 60% of consumers have had their computer infected with malware
  • 50% have visited a website that they feared could do harm to their computer or device

About the Survey
Zogby Analytics was commissioned by GCA to conduct an online survey of 1,019 U.S. adults. Based on a confidence interval of 95%, the poll has margin of error of +/- 3.1 percentage points. The survey’s full results can be found at:

About the Global Cyber Alliance
The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks.

GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police, and the Center for Internet Security. Learn more at

Like this article?

Share on Twitter
Share on Linkdin
Share on Facebook
Share via email

Other posts that might be of interest