|
From the desk of Jason Balderama, CISO, County of Marin
‘Tis the season for holiday gifts and shopping! To avoid waiting in lines and traffic, many people opt out of going to malls and choose to shop online. Scammers are aware of this fact, and it is their time to be active and develop new methods of tricking people.
The 10 tips below will help reduce the likelihood of your information falling into the wrong hands and ensure that you have a secure shopping experience this holiday season.
|
|
-
Do not use public Wi-Fi for any shopping activity. Public Wi-Fi networks can be very dangerous, especially during the holiday season. While they are very convenient, they are not secure, and can potentially grant hackers access to your usernames, passwords, texts, and emails. For instance, before you join a public Wi-Fi titled "Apple_Store," make sure you first look around to see if there's actually an Apple Store in your vicinity, and thus, confirm that it is a legitimate network. While it is best to avoid public Wi-Fi altogether, if you need to utilize a public network ensure that you never establish an autoconnection, and that you are logged out of all personal accounts, such as your banking sites.
-
Think before you click. Scammers take advantage of the surge in holiday deals and communications to send out phishing e-mails. Scams have significantly evolved in quality and can appear as legitimate discounts or reputable special offers. Also, be careful with messages regarding shipping confirmations and changes. Phishing scams include cleverly crafted messages that look like official shipping notifications. Always use official channels to track your packages, and NEVER open an email from someone you do not know, that you did not expect to receive, or from a site you have not visited.
-
Look for the lock symbol on websites. When visiting a website look for the “lock” symbol before entering any personal and/or credit card information. The lock may appear in the URL bar or elsewhere in your browser. Additionally, check that the URL for the website has "HTTPS” in the beginning. These both indicate that the site uses encryption to protect your data.
-
Choose Trusted Online Retailers. If a deal looks too good to be true then it may be a scam. Check out the company on https://ResellerRatings.com. This site allows people to review online companies and will give you an indication of what to expect when purchasing from them.
-
Give your debit card a holiday break. When you are shopping online it is best to rely on your credit cards or payment services such as PayPal. If you shop with a debit card and it is compromised, criminals gain direct access to the funds in your bank account. Credit cards offer much more protection and less liability if your information were to be compromised. In the event of fraudulent transactions, credit card companies possess the ability to reverse the charge and hopefully, investigate the issue further.
-
Keep your devices up to date. Updating devices will fix security flaws and help keep you protected. Whether it’s your computer, smartphone, or tablet, be sure to enable automatic updates for your operating system, antivirus software, and apps.
-
Never save your information. Never save usernames, passwords, or credit card information in your browser and periodically clear your offline content, cookies, and history. Avoid saving your payment information in your account profile when completing an online transaction. If the site autosaves your payment information, go in after the purchase and delete the stored payment details. Better yet, if the site has the option, check out as “guest” to avoid storing personal/payment information online.
-
Make sure your passwords are complex. Creating strong and unique passwords is still a security best practice for protecting your personal and financial information. Consider creating a cryptic passphrase that is longer than the typical password, but easy for you to remember and difficult to crack. MOST IMPORTANTLY, do not reuse passwords across multiple sites, especially between work and personal resources. If you have difficulty creating unique passwords for each of your accounts, consider using password generators and managers to develop more complex passwords and store them securely as well. Enable Multi Factor Authentication (MFA) when available as an added layer of protection for your online accounts.
-
Beware of “porch pirates.” When receiving purchases from delivery services, make sure you are always tracking your packages. The US Postal Service, FedEx, and UPS all have systems to track your packages, and all three utilize tracking numbers that can be used to figure out where your item is and when it should be delivered to your home. While the only surefire way to thwart porch pirates is to not have packages delivered to your home at all, this may not be practical. For added security when receiving packages, consider delivering to alternate locations, requiring signatures, and/or using a package receiving service.
-
Monitor your financial accounts. As cyber-safe and secure as you think you might be you can still become a victim of a scam. Pay close attention to your bank accounts and credit card accounts, and monitor your credit report to ensure that there is nothing out of the ordinary.
It can be fun when shopping online to find gifts for your friends and family. Just remember to be careful so you don’t make your data, your money, and your presents a special gift to the scammers.
Happy Holidays and safe shopping!
|
|
Copyright © 2022 County of Marin, All rights reserved. |
|
Disclaimer
The information provided in Marin CyberSafe News is intended to increase people’s awareness of cybersecurity and to help them behave in a more secure manner. Links in this newsletter are provided because they have information that may be useful. The County of Marin does not warrant the accuracy of any information contained in the links and neither endorses nor intends to promote the advertising of the resources listed herein. The opinions and statements contained in such resources are those of the author(s) and do not necessarily represent the opinions of County of Marin.
|
|
|
|
|
