As we all work through our holiday gift giving lists this "Cyber Monday," it's important to be cyber aware of "the Grinch" lurking in the corners waiting to steal our private, and what we hope and think is secure, information. So, before you begin to cross the names off your list while experiencing that great sense of accomplishment, take a few moments to read through these "cyber shopping" best practices to protect yourself and your information. Nobody wants to spend the holidays recovering their data and identity.
Cyber Monday Practice #1 - Website Plum Pudding
While choosing to do your shopping online, one of the first things you need to ensure is that the websites you're clicking "checkout" on are legit and well-known websites. To understand if they are, pay attention to these signs:
- Many fraudulent websites will use names similar to the well-known brands (ex. Nike, Calvin Klein, etc.) but have a misspelling or additional word (ex. walmartdiscounts.com instead of walmart.com).
- There is no 'Contact Us' page or contact information. Companies that are selling items always have a way in which to provide answers to questions or inquiries.
- Ensure that the login, create account, and payment pages are all secure. Secure websites will have the HTTPS: vs. just HTTP:; however, do note that cyber criminals will often use SSL (Secure Socket layer) certificates these days on their malicious websites - do not simply trust a website because the URL contains HTTPS.
Cyber Monday Practice #2 - Sales Offer Email Fruitcake
As a result of "Cyber Monday," you will receive many emails from various online retailers sharing sales, discounts, and offers. Before clicking on the links within the emails, verify that the following is in place:
- Instead of clicking on the email link, go directly to the seller’s website and enter the domain. Do not trust links sent to you in an email or found in an ad. Also be wary of smartphone apps that you are not familiar with; these can be compromised as well.
- Ensure that you recognize the 'from' address and that it matches the website domain URL. Oftentimes, fraudulent emails will have mismatching or mispelled 'from' email addresses.
Cyber Monday Practice #3 - A Credit Card in a Pear Tree
Now that you've established the email you received was safe and you clicked on it to be brought to a safe website domain, you're ready to make your holiday purchases! But, wait, how are you going to make that purchase?
Instead of using your debit card that links directly to your bank account, use a credit card. Although nobody likes to carry a credit card balance, it's important to protect your bank account from holiday slime.
Think of it this way, if your debit card is breached, you will have to freeze the card and stop payments within your bank account while trying to dispute each errant charge (this can take a while and incur more fees). In the meantime, you can't pay your bills, go out to lunch, go to the ATM for cash... you name it. This is not a situation you want to be in over the holidays. With a credit card, it's much easier to dispute charges (a credit card company will always fight back for its money) and close the account without having to put your life on hold as well.
These are just a few best practices we suggest to protect your information while holiday shopping. To learn more about how to protect yourself and your organization from cyber attackers, click on the button below.