The holiday season is upon us! Along with the holidays comes shopping for gifts. This year BIT would like to share with you some tips and warnings to get you through the season safely…in terms of cyber security of course!
Online shopping is by far the most convenient way of shopping. While sitting in front of the fire place wearing pajamas and holiday socks may seem as safe as it gets, it’s important to keep in mind that there are still threats that can affect you while holiday shopping from the comfort of your home.
Whether you will be conducting transactions from your desktop, laptop or mobile device, keep these tips in mind to help protect yourself from identity theft and other malicious activity this holiday season and throughout the year:
- Secure your computer and mobile devices. Be sure your computer and mobile devices are current with all operating system and application software updates. Anti-virus and anti-spyware software should be installed, running, and receiving automatic updates. Ensure you use a strong password and unique password, which is not used for any other accounts. Set a timeout that requires authentication after a period of inactivity.
- Use mobile applications with caution. As devices such as smartphones and tablets, continue to gain popularity for online shopping, so too will the volume of attacks against them. Malware could be downloaded onto the device from seemingly legitimate shopping apps that can steal credit card and other sensitive information for transmission to cyber criminals. Update all apps when notified and disable Bluetooth and Near Field Communications when not in use to reduce the risk of your data—such as credit card number—being intercepted by a nearby device.
- Know your online merchants. Limit online shopping to merchants you know and trust. Only go to sites by directly typing the URL in the address bar. If you are unsure about a merchant, check with the Better Business Bureau or the Federal Trade Commission. Confirm the online seller’s contact information in case you have questions or problems.
- Consider using an online payment system or credit card. Where available, you may want to use online payment services, which keep your credit card information stored on a secure server, and then let you make purchases online without revealing your credit card details to retailers. If you do pay online directly to the retailer, use a credit, not debit card. Credit cards are protected by the Fair Credit Billing Act and may reduce your liability if your information is used improperly.
- Look for “https” before you click “Purchase.” Before you submit your online transaction, make sure that the webpage address begins with “https.” The “s” stands for secure, and indicates that communication with the webpage is encrypted. A padlock or key icon in the browser’s status bar is another indicator.
- Do not respond to pop-ups. When a window pops up promising you cash, bargains, or gift cards in exchange for your response to a survey or other questions, close it by pressing Control + F4 on Windows devices, or Command + W for Macs.
- Do not use public computers or public wireless access for your online shopping. Public computers and Wi-Fi hotspots are potentially insecure. Criminals may be intercepting traffic on public wireless networks to steal credit card numbers and other sensitive information.
- Secure your home Wi-Fi. Make sure you control who has administrative access, and that any users on your network authenticate with a strong password. Encryption settings should be enabled and strong – using WPA2 is recommended.
- Be alert for potential charity donation scams. Cyber criminals try to take advantage of people’s generosity during the holiday season and can use fake charity requests as a means to gain access to your information or computer/device. Think before clicking on emails requesting donations. Don’t give your financial or personal information over email or text.
- Be alert for major retailer / box store scams. There is a significant increase this time of year of messages allegedly coming from Target, Wal-Mart, etc. The message is in some form of “our online shop has an order addressed to you. You may pick it in any store of Target.com closest to you within four days. Please, open the link for full order information”. They look incredibly authentic customized to be as local as possible. Be extra cautious to insure that you have indeed ordered something from a store before clicking on any links provided therein. These scams usually infect your devices with malware.