While holiday shopping is often synonymous with long in-store lines and crazed bargain shoppers, especially on Thanksgiving and Black Friday, this year, shopping looks a little different. Retailers were forced to come up with new ways to encourage consumers to shop earlier and online, including introducing Black Friday deals all November long.
As the number of online shoppers increases so do the number of cybercriminals. Tonya Ugoretz, the deputy assistant director of the FBI’s Cyber Division, previously reported a 400 percent increase in cybercrime complaints since the beginning of the year. It’s crucial that shoppers remain vigilant when buying online.
To help you avoid a cyberattack, Woz U Cyber Security Threat Analyst and Adjunct Professor of Information Systems and Cyber Security, Shaun Manzano, created this list of safety tips for online holiday shopping.
“The holidays are a time for family and tradition, and unfortunately cybercriminals are leveraging the vulnerabilities created by the frenzy of holiday shopping and feelings of good tidings and joy to launch attacks on your personal data,” says Manzano. “The key to safe online holiday shopping is mitigating pivot points for a cyberattack. By staying diligent and practicing these tips, you can feel secure shopping online for the holidays and any day.”
Cybercriminals can create imposter websites that appear legitimate. Unless you are paying close attention, you could click on a product or link that opens the door to hackers. Scammers will create fake websites to lure shoppers into purchasing an item that is never received.
According to the Better Business Bureau, 57 percent of shoppers do not research a new website before buying. And, of those 57 percent, 81 percent lost money. If the site asks for more information than usual or you’re just not comfortable with the buying experience, abandon the site. Search for the product on more reputable sites.
Reputable sites are secure sites.
If a website is safe, the URL should begin with HTTPS, not HTTP. Some browsers will display a lock next to the address if it is a secure site. Check for the HTTPS before clicking on a site, and again before initiating checkout, as some websites host their checkout process separately from their catalog.
DuckDuckGo is an internet search engine developed to protect search privacy and avoid the filter bubble of personalized search results. Using DuckDuckGo browser extensions and mobile apps verifies website security and blocks Google’s (and many other companies’) trackers, keeping your browsing history more private. No more ads that follow you long after you’ve completed a search.
Saving on holiday gifts can add up, and we know there are sites out there dedicated to curating promo codes for holiday bargain shoppers. Some are legit. Some not so much. Searching for promo codes, and then clicking on sites you’ve never heard of is risky and leaves you vulnerable. Instead, let a trusted browser extension like Honey or Wikibuy (Capital One Shopping) search and apply promo codes for you.
Software companies spend hours fixing vulnerabilities in their software. These fixes are included in software updates. If the updates are not applied, you increase the chances of a successful cyberattack.
Make sure your phones, tablets, laptops, and computers have firewall and virus protection software installed. If a device is not protected, do not use it for online holiday shopping. Additionally, add passwords to your devices. If you lose your phone or your laptop is stolen, this limits the access to personal information saved on your devices.
Strong passwords are crucial for staying safe while online holiday shopping. Hackers have tools that automate the process of finding the correct password. For example, if you have a four-digit passcode, there are only 10,000 possible combinations. An experienced hacker can find the right combination in seconds. Thus, it is essential to use longer passwords that include symbols, digits, and characters.
If a not-so-infallible memory is holding you back from implementing a stronger password, consider a passphrase. Similar to a password, a passphrase is longer and usually combines text, symbols, and digits to create an easier to remember and harder to crack the passphrase. For example, instead of using your dog’s name, try i7ovemydog!! for extra security.
A password manager like LastPass allows you to generate strong passwords for each individual website and service while providing a convenient and secure place to store these. No more trying to remember if your Bed Bath and Beyond login is the same as the Best Buy password, or keeping your passwords on a sticky note under your laptop.
Consider implementing multi-factor authentication (MFA) when it is available. MFA requires a second form of identification, such as a code sent to your smartphone. The code is entered into the application before access is granted. Hackers may guess your password, but they won’t have access to your phone.
If the big guy in red can do it, so can you. Before you open an email or click a link, take a moment to consider if it could be a phishing scam. In the rush of holiday shopping, it’s easy to click on what appears to be a legitimate promotional email, only to find out later you’ve given a hacker access to your personal information or credit card. Don’t be fooled by shipping emails for packages you’re not already expecting. The data can be faked. Luckily, scam emails usually have a few patterns:
Proceed with caution when checking your holiday (and all) emails.
Sure, you probably have a work email and a personal email. Go one step beyond. Consider using different email accounts for different purposes: One email address for important things like bills, banking, taxes, medical accounts, etc.; one email address for shopping; and one email address for newsletters or giveaways.
Periodically check whether your personal data has been compromised by data breaches using the website Have I Been Pwned? This service is used by media outlets and even the government to scan the dark web, collecting and analyzing hundreds of database dumps and pastes containing information about billions of leaked accounts. Enter your email address or username to see if your account has been included in a data breach.
Paying for holiday purchases with a credit or debit card can put your money at risk. While the bank or credit card company may make you whole, they can’t replace the hours consumed fixing the issue. Consider paying with a third-party provider like PayPal, Apple Pay, Samsung Pay, Google Pay, or a virtual credit card to keep your account information safe. And, if you do happen to be a victim of a cybercriminal, you will need proof of purchase. Make sure you can document your purchase history by keeping receipts or screenshots of your transaction history.
More people buy online even if the merchant is local. No matter how trustworthy the merchant may be, don’t pay online. Instead, pay when you pick up your order or have it delivered. It reduces the odds of becoming a victim.
Don’t let the worries of online holiday shopping spoil your holiday season. You can still scour the web for the perfect gift for family and friends — and, maybe even a little something for yourself. With these safety tips from the experts who lead Woz U’s Cybersecurity Program, you won’t have to worry or pout.
What are the benefits of using ChatGPT? ● Improve code quality: By generating more efficient…
Raspberry Pi 4 ($55) The Raspberry Pi 4 is a mini-computer that's perfect for coders…
The first step in creating a dating app is to define the target audience…
As technology advances, we're seeing increasing use of motion capture in media. This post will…
As such, organizations need to ensure their networks, data, and systems are secure from…
Additionally, tracking your fitness journey can help you identify patterns and make connections between…