​Have Yourself a Secure Holiday Season – Tips for Online Shoppers

Author: Robbie Upcroft, Managing Director, Asia Pacific Webroot

The shopping season is upon us. But with that comes a greater chance of falling victim to scams online. As criminals continue to evolve their tactics to steal personal and private information, it’s becoming more difficult to identify holiday fraud.

Cybercriminals take advantage of the fact that there is flurry of purchases and online transactions on popular shopping days like, Click Frenzy, Black Friday and Cyber Monday; and it doesn’t slow down until the New Year.

Hackers will scam consumers by posing as legitimate sources like eBay or Amazon, and Google cites that cybercriminals successfully entice unsuspecting victims an alarming 45 per cent of the time.

When it comes to holiday shopping, some of the greatest security risks for consumers fly under the radar. Particularly during the summer months, shoppers tend to let their guards down during the search for finding the perfect holiday gift. For example, if a shopper searches for “Star Wars toys” and “coupons,” this may lead to a malicious link or bad URL that seeks to steal information.

Hackers unfortunately don’t take time off during the holidays, so how can we keep cybercriminals at bay?

Here are some tips on how to keep you and your family secure:

Update your passwords and make them different: Aim to change your primary email account password every three months. This helps keep you more secure because a stolen password only stays compromised until you change it again. Make sure the email account used for registering online accounts uses a different password from all other accounts. Breaking into someone’s primary email account makes it easy to access an individual’s other accounts through password reset options. To maintain proper cyber hygiene, make changing your passwords a part of your New Year’s resolutions this year.

For mobile devices, it’s important to leverage multi-factor authentication. Using a lock screen that requires a password isn’t enough. In addition, use biometrics if your phone supports it, (a thumbprint) and then use a second method of authentication such as a long password.

In addition to changing passwords, make sure you don’t use the same password for all of your accounts. Once a hacker has one password, accessing a user’s information becomes easier.

Read more: Software Vulnerability Management, 2016 Predictions

Use a single credit/debit card: When making purchases online, try to use the same credit/debit card for all of these transactions. That way, you can monitor for fraud or unauthorised purchases more easily. Also, for online purchases, review transactions frequently to stay on top of suspicious activity.

Watch out for email scams: Sadly, if a deal sounds too good to be true, it probably is. This can be especially difficult to detect during the holidays since consumers are expecting to find a great deal. While you’re on the hunt for the best price for that perfect gift, trust only the online stores you know to avoid the scammers. Also, be wary of emails advertising mega-deals. This season can be stressful enough without worrying about cybercriminals dipping into gift-giving funds.

Be aware of your surroundings: In general, it’s important to be aware of your surroundings online and monitor for any suspicious behavior. For example, just because you can connect to the internet almost anywhere doesn’t mean you should connect to Wi-Fi if it’s available, especially if it’s on a non-secure network.

Most hotspots and public Wi-Fi networks inherently lack adequate protection, leaving your mobile devices, tablets and PCs at risk. On top of that, malicious users oftentimes will create networks or URLs similar to coffee shops, or other types of venues. In most cases, you should turn off Wi-Fi and Bluetooth settings on devices if it’s not needed. With that said, shoppers should treat all public Wi-Fi networks as suspicious.

Use security technology to stay safe online: Finally, take technological precautions. Make sure your internet browser, plugins, Java, operating system, apps, etc. are all up to date so you have the latest security patches. Leveraging security technology like antivirus or other software for endpoint protection can help block against fake web addresses, phishing scams, malware and other security threats on your devices. Remember, that protecting your devices helps to protect your personal information.

Holiday shopping will continue to evolve with the emergence of e-commerce apps and the convenience of online shopping. While cybercriminals are constantly finding new ways to access personal information, it’s important for shoppers to stay proactive as they browse the internet, questioning retailers and online sources as they continue to make purchases. Don’t get grinched this year, and have yourself a secure cyber holiday!

Join the CSO newsletter!

Error: Please check your email address.

Tags hackerspassword protectionOnline ShopperscybercriminalsCSO Australia

More about ClickeBayGoogle

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Robbie Upcroft

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place