Online shopping has shown to be favorable for many in that it saves time, money, and is often considered more enjoyable than going to a mall.

In Saudi Arabia, Internet penetration high where citizens consume 400% more data than the global average, according to according to a study published by Al-Eqtisadiah.

Moreover, online shopping is on the rise. Saudis make up around 55% of shoppers online in the region and spend an average of SR3,000 on online purchases per month, according to a report by a local daily.

This year’s recent White Friday witnessed an increase in mega online sales and advertisements on various media outlets as well as traditional marketing.

For instance, compared to last year’s 10,000 deals, this year Souq.com offered half a million deals.

According to reports, however, many consumers in the Middle East seem to lack awareness when it comes to the risks in online shopping. Cybercrime in the region is higher than other parts in the world. A PwC report revealed 85% of Middle East respondents suffered an incident related to cybercrime compared to the global average of 79%.

IBM reported that the average cost of a data breach in Saudi Arabia and the UAE was $4.94 million, a 6.9 percent increase since 2016.

Additionally, 18 percent of respondents have experienced more than 5000 attacks compared to the global average of 9 percent – which is higher than any other region, according to an expert at Mimecast.

Cosumers in the Middle East need to be more careful when shopping online, says Heino Gevers, customer experience manager at Mimecast Middle East and Africa.

He shares the following advice when making purchases, especially during sale periods.

Tip 1: Think before you share

Cyberattacks are not just random anymore. They are well-researched and usually architected using information you share online. Personal details like where you work, job title, who your friends are and what you are doing, are all over social media sites like LinkedIn and Facebook. Hackers use these sites to gather intel on unsuspecting victims – this is called Social Engineering.

Tip 2: Keep your Eyes Peeled for Dodgy URLs

Cybercriminals are getting more advanced in their efforts to trick you into entering your financial details on unsecured websites, or convincing you to click on an innocent-looking link that downloads malicious software onto your device. Even if you receive a branded email, from what looks like a legitimate retailer with their logos and fonts, it could be a scam. Always type a retailer’s address into your browser to avoid being redirected to a fake site. And be on the lookout for the all-important https:// (as opposed to http://). The “s” stands for secure – so that one little letter is crucial to your online safety.

Tip 3: Make Use of Alternative (and Safer) Payment Methods

Every time you enter your credit or debit card details into an online form is a chance for those details to be intercepted by cybercriminals. Set up a dedicated online shopping account with strict credit and overdraft limits, with only enough money to buy what you need. Alternatively use the loyalty points you’ve been collecting all year.

4. If it seems suspicious, it probably is

Keep track of retailers you’re expecting a shipment from. If you receive an email that contains tracking information from a courier service or retailer you haven’t used, do not click on the tracking URL. This is a malicious link disguised as something familiar. The same goes for attachments – these could contain malicious code. Again, rather type the courier service website in manually to avoid being sent to a fake site.

Tip 5: If You Think You’ve Fallen Victim to Cybercrime – Act Fast

Report it to the police

There are many cybercrime cases that go unreported every year. These reports aid in investigations and can help shut down these cybercriminals and their syndicate organisations for good.

Report it to your bank

Get in touch with your bank as soon as you suspect something irregular is going on and have your card cancelled immediately. Depending on the circumstances, they may even be able to reverse the fraudulent charge and get your cash back.

Report it to the business you thought you were buying from

They have a vested interest in knowing they are being impersonated online, and are often better resourced in the hunt to track the perpetrators down. They are also familiar with the processes followed in getting suspicious sites blacklisted or shut down.

Do Not Negotiate

If you find yourself locked out of your PC due to ransomware, it’s likely the attackers will ask you to pay a ransom to give you back control. And they often ask for payment in untraceable currencies like Bitcoin. But once you’ve been identified as a soft target, they’ll probably be back for more.

Have a secure archiving solution in place that will ensure you can recover your lost information easily, without paying a penny.