Tis the season! We’ve reached the part of the year where we look forward to joining friends and family for holiday celebrations, followed by looking back at the year that was. Black Friday is right around the corner, which is great for those of you courageous enough to manage the crowds and traffic. For those of us that prefer to shop from the comfort of our own homes, we’ll happily take advantage of Cyber Monday instead. 🙂
Tis the season for scams as well. Cybercriminals love holiday shoppers because suddenly everyone is rushing to the internet and throwing out their credit cards and personal information. And not everyone is doing it safely or correctly, which provides a nice holiday bonus for thieves. This season, we want you to take a few extra steps when purchasing gifts to ensure your PII doesn’t end up in the hands of cybercriminals.
Here are eight easy-to-follow tips for staying safe on Cyber Monday (and all of the other days of the year you buy things online):
Don’t Search “Cyber Monday Deals”
Not that you would ever leave the first page of a Google search, but you never know what kind of random website could be lurking with a generic search. Only go to trusted vendors and search for Cyber Monday deals on their host websites. If there’s something specific you’re looking for that you’re having trouble finding, just be careful if you end up on an unfamiliar website. A little research goes a long way. Read customer reviews and do your best to find out if the seller can be trusted.
It Really Is Too Good To Be True
FYI, a 70-inch TV is going to cost you a lot of money. So if you see an “AMAZING DEAL!!” that is selling said TV for a price that makes no sense, then it’s too good to be true. They’re not always going to be obvious and some might even be legit, but skepticism is your best defense. If you’re not sure, stay away.
Think Before You Click
Phishing scams ramp up during the holiday season. As a general practice, we recommend not clicking on any Cyber Monday special offers that end up in your inbox, even if they appear to be from a legit source. It’s plenty easy to just visit the website tagged in the email and search for the offer manually. Keep in mind that email spoofing is a common social engineering attack. At the very least, hover over the link—just as you always should—and carefully study the URL.
Look For The “S”
When it comes time to slap your credit card information on a website form, make sure there’s green lock followed by a URL that begins with “https”. The “s” stands for security, of course, and we really like security. The green lock indicates that you have a secure connection with encrypted traffic, which means no one else except you and the website you are connected to can read the data you are exchanging.
Double-check Those URLs
Cybercriminals are creative. They like to spoof websites by throwing in an extra letter somewhere that a user may not notice. For example, instead of being on “justinsawesomecupcakes.com”, you might be on “justinssawesomecupcakes.com”. Notice the extra letter? Would have you if you were at the end of a long day and making a couple of quick gift purchases? Before clicking on anything, make sure you are on the site you intended to be on. (Again, look for the “s”.)
Don’t Go Shopping At The Coffee Shop
Public WiFi networks are public and hunting grounds for thieves. So as nice it may sound to go grab an expensive peppermint hot chocolate somewhere and do a little shopping, entering personal information while on a public network is a great way to get hacked. If you must shop on a public network, be sure to use a VPN. VPNs—short for virtual private network—encrypt your traffic, preventing anyone from eaves dropping on your data and stealing your information. Yes, you really need a VPN.
Watch Out For Shoulder Surfers
This applies more to Black Friday shoppers than to Cyber Monday shoppers, but we should mind our environments at all times. If you’re sitting at a coffee shop and entering your credit card info, or at an ATM entering your PIN, make sure no one is spying on you in hopes of stealing your information. A good shoulder surfer can memorize your card numbers with one glance. Make sure they never have the chance.
Secure Computers Only, Please
As always, your computer(s) should be completely up to date, and you should be running antivirus and anti-malware software at all times. It’s possible for your computer to be infected without you knowing and that every bit of information you send out, every keystroke you make, is being recorded by a cybercriminal. This is not paranoia. It’s security 101.
For more great tips, check out this awesome music video!
Latest posts by Justin Bonnema (see all)
- Account Compromised? What to do After a Data Breach - January 17, 2019
- Welcome to the Security Awareness Company - January 10, 2019
- The Security Awareness Program Playbook - January 3, 2019