Introduction
The holidays are officially upon us and in today’s day-in-age, with them comes a tremendous increase of online shopping. While this year COVID-19 isn’t impeding us from shopping at brick-and-mortar stores, many people will still opt to shop online from the comfort of their homes—avoiding long lines and traffic congestion. But cyberattackers are privy to this common choice and therefore, risk is much higher at this time of year.
This article reviews some of the basics to help you shop for loved ones online.
Staying Safe
1. Making sure your internet connection is secure:
Your home network should already be relatively safe, assuming that your ISP or cable carrier came out to install your router and get your network up and running. But after time, glitches do occur, perhaps even as you reset your modem. Thus, it is always a good idea to run through the checklist that your ISP has provided you to ensure that all is secure before you go on a major spending spree. If you do not have a list, go to their website, or even a simple Google search can provide you with the steps you should take to ensure safe connection.
2. Phishing Attacks:
The holidays are one of the typical times when there is a drastic spike in phishing emails. Worst yet, these emails have become so sophisticated that it is almost impossible for the untrained eye to tell the real from the fake. But there will always be one or two small clues that will give a fishing email away. For example, there will be a word misspelled or a punctuation error. Or, the reply-to address will be different than the one that sent the email, and the messages' links may vary. If you're unsure, forward the email to the online store it claims to come from and ask them to look at it.
Most online retailers now have a dedicated email address to which you can forward phishing emails for further investigation. If you receive a suspicious email, you can even call the store to see if they have sent it or not. Also, be careful of a new emerging trend: phony emails are now being sent saying that a product you have ordered is on the way and to click on a link to check the shipping status. Ignore these emails at all costs! Most people ship via couriers, such as FedEx, UPS, DHL, and the USPS. If you are expecting something, check the tracking information of their websites first.
3. Where you shop:
There are thousands of online shopping stores where you can make purchases. But the problem now comes in trusting which ones to use. If you are loyal to a particular group of stores, and they have provided you with excellent and secure service, the best advice is to stay with them for your shopping needs. But if you are looking for a cheap deal, going to one of these less familiar online merchants becomes very tempting. But before you put your credit card through one of them, make sure they're real.
For example, try to find any Google reviews you can about the retailer. The more positive reviews there are, the likelihood increases that it is a legitimate brand. Also, try calling the retailer. If you get a live person to answer, that is also a good sign. But it should be a red flag if somebody answered in a foreign accent, speaking broken English. If any doubts still linger, you can call the Better Business Bureau to see if the retailer is legitimate. If you finally determine that the retailer is the real deal, you still need to be extra safe. For instance, there could be malware or spyware contained on the website, which could still drop off its malicious payload. So, ensure that the website is secure with a digital certificate and has the padlocked image on the left-hand side of your URL bar. When you're done shopping, always run a malware/virus scan with your antivirus software package.
4. Password security:
In today’s world, there are many wireless devices that contain different kinds of browsers (such as Edge, Chrome, Safari, Opera, Firefox, etc.). These browsers even come on desktop computers. With software developers, there tends to be a line of thinking that what works in one device will work in all the others. In other words, they tend to take a “one size fits all approach.” But given how much end-user technology there is out there, it’s too dangerous to take this bold of an assumption. Therefore, the app needs to be tested to confirm that it works in all browsers and all major devices (a bulk of them are Android or iOS based). This methodology is also technically known as taking a “UI/UX” approach. These are both acronyms for "User Interaction/User Experience.”
5. Using 2FA/MFA:
These acronyms stand for "Two Factor" and "Multifactor" authentication, respectively. You want to shop at an online retailer that requires confirming your identity beyond just using a password. For example, you may be sent a one-time password (OTP) to your smartphone, which you also have to enter after confirming your password. Companies can kick this up to three or more forms of authentication before allowing access to your online shopping account.
6. Keep checking your accounts:
Check your credit card and bank accounts daily to ensure that no fraudulent activity has occurred. But during the holidays, you should ramp this up to 2-3x a day. It is also prudent to always shop online with your credit card versus a debit card. If any fraudulent activity occurs on your credit card, the limit you pay caps out at about $50.00. But if you use your debit card, there is no limit, and you will be responsible for all the charges for any fraudulent activity.
Conclusions
These are some of the critical tips that you can use to help protect yourself and your family this holiday season, keeping these three things in mind:
Follow Spruce for more tips on keeping you and your company cyber safe. Learn more about Spruce by visiting www.sprucetech.com