Always be skeptical when it comes to online shopping. With peak shopping season comes numerous opportunities for cybercriminals to utilize various tactics and techniques to scam shoppers. Fake websites will offer incredible deals to lure customers, but sometimes if the offer sounds too good to be true, it probably is fake. Search for authorized retailers for items you want to purchase by visiting the brand’s website. To better ensure the website you’re shopping from is secure, type out the URL for the website and avoid visiting sites directly from links.
Threat actors and other cybercriminals rely heavily on phishing tactics to steal valuable information, make fraudulent transactions, and hack accounts. Common phishing attacks will appear to be from a recognizable retailer or financial institution and will include a billing issue with a recent order that requires financial information or a shipping address. Always check every email you receive for any issue with the web address, including numbers or letters that shouldn’t be there. Compare suspicious messages to legitimate emails from verified companies. Hover over the links to see if they direct you to the real website and type out the main URL into your browser to manually access the website. Always be aware of emails with suspicious links or attachments because they may contain malware. Open the attachments from known senders and scan them for viruses before downloading or accessing them further.
Public Wi-Fi networks are the most vulnerable systems and an easy target for cybercriminals. Shoppers should never complete any transactions on public or free Wi-Fi because they expose your personal information to potential threat actors. Always have the ‘automatically connect’ option turned off to avoid your device connecting to fraudulent or insecure hotspots. If you must use public Wi-Fi, make sure it’s connected to a network using a VPN (Virtual Private Network). A VPN encrypts all the data being passed through the network and keeps your data safe and secure from potential risks.
The most effective ways to practice personal cybersecurity are using very strong passwords and multi-factor authentication (MFA). Utilizing these two methods will make it very difficult for cybercriminals to access your account. When you’re shopping online or accessing financial sites, always activate the MFA that offers it. With MFA enabled, when users enter their username and password on a website, the website asks for a security code usually sent through text message on their cell phone. Most credit cards, financial websites, social media platforms, apps, and shopping sites now offer this option. Using MFA on your accounts will make them difficult for threat actors to access. Even though they have your login information, they won’t be able to receive the one-time verification code unless they also have your cell phone.
When creating strong passwords for your accounts, use long and complex combinations of letters, numbers, and symbols, and always change any passwords that were involved in a breach. Users should avoid these common password mistakes:
Always check your credit card and bank statements or any connected payment accounts, credit cards, or apps used to make purchases during this holiday season. Most financial institutions encourage people to set up alerting thresholds notifying you if anyone is attempting to make a purchase over the pre-determined amount. If you notice any unauthorized purchases, contact your credit card company immediately.
When shopping online on Cyber Monday and during this holiday season, always use a credit card, never a debit card. It’s better for a credit card to be compromised than having cybercriminals drain your checking account because most credit card companies offer fraud protection. If you become a victim of credit card fraud, credit card companies will fight for you because it’s their money. However, if you become a victim of debit card fraud, you must fight for your money. In the case of credit card fraud, the user’s liability is minimal as they are protected against fraudulent activities and unauthorized transactions under the Federal Fair Credit Billing Act.
These personal cybersecurity tips should allow for safe online shopping this year. We hope these tips help you better protect your personal information during this holiday season.
If your company is experiencing a breach, call our Security Operations Centers at 833.997.7327 to speak directly with an engineer.