Cyber Monday (News – Alert) is just a few days away, and according to American Express, more people are expected to shop online that day than visit brick and mortar stores on Black Friday (News – Alert).
Whether you’ll be conducting transactions from your desktop, laptop or mobile device, there are steps you can take to avoid becoming a victim of identify theft, malware or other cyber crime.
The threat of cyber crimes is very real and can have significant financial and personal impact. In order to save yourself from online holiday shopping pitfalls, use the following tips to protect your personal information. By applying these basic strategies you will go a long way toward improving cyber preparedness.
- Secure your computer and mobile devices. Be sure your computer and mobile devices are current with all operating system and application software updates. Anti-virus and anti-spyware software should be installed, running, and receiving automatic updates. Ensure you use a strong password, and one that is not used for any other accounts. Set a timeout that requires authentication after a period of inactivity. CIS offers many free configuration guides (benchmarks) to help secure the most commonly used systems and technologies—including those for mobile devices. The new CIS Apple iOS 7 Benchmark provides specific, step-by-step recommendations for securing numerous settings on millions of devices running iOS 7, including theiPhone (News – Alert), iPad, iPad Mini and iPod Touch.
- Use mobile applications with caution. As devices such as smartphones and tablets continue to gain popularity for online shopping, so too will the volume of attacks against them. Every time you download an app you open yourself to potential vulnerabilities, so research those you plan to download to verify their legitimacy. Update all apps when notified and disable Bluetooth and Near Field Communications when not in use to reduce the risk of your data, such as a credit card number, being intercepted by a nearby device.
- Know your online merchants. Limit online shopping to merchants you know and trust. Only go to sites by directly typing the URL in the address bar. If you are unsure about a merchant, check with the Better Business Bureau or the Federal Trade Commission to ensure its legitimacy. Confirm the online seller’s contact information in case you have questions or problems.
- Use a credit card, not a debit card. Credit cards are protected by the Fair Credit Billing Act and may reduce your liability if your information is used improperly.
- Look for “https” before you click “Purchase.” Before you submit your online transaction, make sure that the webpage address begins with “https.” The “s” stands for secure, and indicates that communication with the webpage is encrypted. A padlock or key icon in the browser’s status bar is another indicator. Also, make sure your browser is current and up-to-date.
- Do not respond to pop-ups. When a window pops up promising you cash, bargains, or gift cards in exchange for your response to a survey or other questions, close it by pressing Control + F4 on Windows devices, or Command + W for Macs. The pop-up may be a link leading you to malicious malware.
- Do not use public computers or public wireless access for your online shopping. Criminals may be intercepting traffic on public wireless networks to steal credit card numbers and other sensitive information. Make sure the settings on your computer or device prevent it from automatically connecting to Wi-Fi hotspots.
- Secure your home Wi-Fi. Make sure you control who has administrative access, and that any users on your network authenticate with a strong password. Encryption settings should be enabled and strong – using WPA2 is recommended.
- Be alert for potential charity donation scams. Cyber criminals try to take advantage of people’s generosity during the holiday season and can use fake charity requests as a means to gain access to your information or computer/device. Think before clicking on emails requesting donations. Don’t give your financial or personal information over email or text. If you are looking to contribute to a charity, navigate to a trusted address of the organization, never through a link in an email. To check if an organization is eligible to receive tax-deductible charitable contributions visit the IRS website.
- Keep a record. Keep a record of your online transactions, including the product description and price, the online receipt, and copies of every email you send or receive from the seller. Review your credit card and bank statements for unauthorized charges.
- Review privacy policies. Review the privacy policy for the website/merchant you are visiting. Also, learn what information the merchant is collecting about you, how it will be stored, how it will be used, and if it will be shared or sold to others.