Looking to do some online shopping this holiday season? Odds are the answer is yes. In fact, 99% of consumers plan to do at least some of their shopping online. But, before you click “pay”, are you thinking about how to protect yourself from hackers, scammers and thieves? This time of year, these cyber criminals find themselves ripe with opportunity and its only a matter of time before you fall victim (I mean, it is a numbers game for them after all). In fact, experts are advising consumers to shop early this year due to continued supply chain issues across the world. This building sense of urgency for shoppers this season adds to the likelihood you’ll be targeted by a cybercriminal. The best defense against these threats? Vigilance.
Tip 1 – Secure your devices.
We first recommend that you make sure your own devices are secure. Make sure you run all provided updates on your device before shopping. This will make sure any available software and operating system security patches have been made. Shopping on a work device? If so, you should make sure you are using your employer issued VPN (Virtual Private Network) to obscure your online identity, even on public Wi-Fi networks, so you can browse and make purchases on the internet more securely and anonymously.
Tip 2 – Check and strengthen your passwords.
Log into your account with any retailer you’ve shopped with in the past an make sure your passwords are updated and strong. Also, check to see if the retailer offers multi-factor authentication (MFA) and if so, take advantage of it. Better yet, if the retailer offers MFA and single sign-on (SSO), take them up on the offer. It may seem inconvenient in theory, but it provides an extra layer of security when making a transaction that allows the retailer to validate that you are who you say you are before allowing the transaction to go through.
Tip 3 – Buy from trusted businesses.
Are you being served up appealing Facebook or Instagram ads? Instead of clicking on the ad, type the web address of the retailer into your web browser to ensure you don’t click on a spoofed ad. If you haven’t heard of the company before, check twice before supplying your information to make sure it is legitimate. Also, make sure your information is being encrypted on the website with an SSL certificates (or Secure Sockets Layer). To check if they are, look for the “https://” within the URL, as well as a closed padlock icon. We also recommend you check the retailer’s privacy policy to make sure that when you do share your information, you know what happens to it and you are comfortable with their terms. And, even then, only provide what is in the required fields – there’s no need to provide more.
Tip 4 – Look for red flags.
Never provide your password, personal or financial information in response to an unsolicited email. Cybercriminals are very good at spoofing emails from even the most reputable retailers. Legitimate businesses will never email you asking for this information. Another red flag is an unsolicited email that plays on your emotions – like an urgent message to shop early due to supply chain delays, or a message asking you to click on a link to verify your personal or financial information.
Ask us for more tips & tricks!