As we approach the holiday season, we wanted to focus this month’s post on you (and your family). Bad guys don’t just wait until the holidays to start causing havoc, they also relentlessly target all of us all throughout the year. Judging by our perseverance, nothing is going to keep us from a good holiday deal, and attackers love to use this season to their advantage. Therefore, we must all keep a frosty demeanor (pun intended) to protect ourselves.
Let us take some time to review these precautions when shopping to ensure you and your family are well protected this holiday season.
- Credit – never debit – for online shopping. In case of fraud or a data breach, debit cards do not have the same consumer protections as credit cards. Credit cards don’t give a seller direct access to the money in your bank account – debit cards do. If you rely on your debit card, you could be without that money for an extended period in the event of fraud. Not to mention, you can take advantage of credit card points!
- Review your statements. Your bank and credit card statements should be frequently reviewed for unusual transactions.
TIP: If you have been breached, you are entitled to place a free initial fraud alert with one of the three national credit reporting companies:
- Equifax https://www.equifax.com/personal/credit-report-services/credit-fraud-alerts
- Experian https://www.experian.com/fraud/center.html
- TransUnion https://www.transunion.com/fraud-alerts
Shop with reputable retailers
- It is best to shop directly with online retailers you know and trust.
- Bookmark your favorite shopping sites to get there quickly and safely – avoid typing the name in the URL bar. This will prevent you from typos that could take you to a fake site that looks identical to the real site.
- Trust your gut! If you question the site’s trustworthiness, move on. Remember, if an offer looks too good to be true, then it probably is.
Social Engineering Attacks
- Don’t call me, I’ll call you! If you receive a call from your credit card company hang up and call the credit card company back using the number listed on your credit card.
- I’m getting what shipped to me?! Shipping e-mail scams are becoming increasingly common. Be wary of e-mails that appear to be from shipping companies that contain an attached file or link; it’s likely malware.
Just say "NO"
- Say "no" to strange apps. Scammers use mobile apps (and games) to hide malware that steals your personal information. Do not download apps unless they are from a reputable source.
- Say "no" to free Wi-Fi. Not only will it be safer not using public Wi-Fi to shop, like at your local coffee house, but you also won’t have to worry about regretting buying that VR headset on a whim. Wait until you get to a safer network, like at home, and you’ll have some time to think about that purchase and do it more safely.
- Say "no" to public computers. Prevent the spread of germs. Public computers, such as those in hotel business centers, are dirty, both physically and electronically. They have germs and digital viruses. Don’t use them for online purchases or accessing your accounts.
Use strong passwords
A strong password is one that's easy for you to remember (such as a passphrase) but difficult for others to guess. Having strong and unique passwords is key to protecting yourself online. Think about how many online accounts you have. That number is probably more than you think. On average, people have between 70-80 passwords. How can anyone possibly remember that many passwords? The answer is quite simple, they don’t. Instead, they reuse passwords across their accounts strictly out of convenience. It’s a massive problem. And one that cybercriminals love. Let’s make it harder on them.
- Use a long, random passphrase (at least 14 characters). The longer the phrase, the better!
- The best technique for securing your accounts is to use a password manager. It will generate and remember different, complex passwords for each of your accounts. It will also protect you from logging into a fake site masquerading as a legitimate one.
- Use multi-factor authentication for every site that offers it to further protect your accounts.
- Do not reuse any of your passphrases.
- Do not use personal information in your passphrases.
- Do not share your passphrases, no matter how clever they are.
Give yourself a gift
Don’t forget about you this holiday season. Give yourself a gift. Adopt “two-factor” protection. It adds an extra layer of security to prevent access to your personal accounts. You can learn more about adding two-factor authentication via your web browser on some of the internet’s biggest social media networks here.
See yourself in Cyber
While cybersecurity may seem like a complex subject, it’s really all about people. See yourself taking action to stay safe online. See yourself as part of the solution. Security is a journey, not a destination.