|
From the desk of Jason Balderama, CISO, County of Marin
It's that time of year when so many people prepare to purchase gifts for friends, family, and loved ones. Though it can be convenient to avoid the lines and rush for that latest deal by shopping online, this also carries some risk. Scammers are always working to steal your personal and payment information, and the holiday shopping season is the perfect opportunity for this to happen. By making safer choices, you can greatly lower your chances of becoming a victim.
|
|
-
Use Your Own Devices. Never use a public computer when shopping or banking, as it can expose you to greater risk. It is best to use a trusted device and network for anything involving financial transactions.
-
Use Your Own Connections. Do not use public Wi-Fi for any shopping activity. Public Wi-Fi networks can be very dangerous, especially during the holiday season. While they are very convenient, they are not secure and can potentially grant hackers access to your usernames, passwords, texts, and emails. For instance, before you join a public Wi-Fi titled "Apple_Store," make sure you first look around to see if there's actually an Apple Store in your vicinity, and thus, confirm that it is a legitimate network. While it is best to avoid public Wi-Fi altogether, if you need to utilize a public network, ensure that you never establish an autoconnection, and that you are logged out of all personal accounts such as online banking accounts.
-
Secure Your Accounts. Use strong and unique passwords on all your accounts and enable Multi-Factor Authentication (MFA) as an added layer of protection. If you have several passwords to keep track of, consider using a password manager to help keep your accounts secure. If you use the same password for multiple sites and your password is stolen, a scammer can potentially gain access to all of the accounts where that password was used.
-
Use Trusted Retailers. Use a retailer you already know or one that is verified through another trusted entity. If you find a store to do business with, but are unsure about its reputation, try to find reviews from trusted sources such as https://ResellerRatings.com. It's important to stick to trusted review sources, because there are several ways to fake online reviews and there are places where scammers can pay other criminals to post positive reviews.
-
Use Trusted Apps. The same advice applies when downloading apps to help with your online shopping. Whether you are downloading a store app to get a coupon, an app to comparison shop, or a reward app that ensures you get points or cashback, it is important to stick to trusted apps from known developers. Unfortunately, fake apps appear in the app stores. You can avoid many malicious apps by downloading your apps from the official apps store for your device, selectively choosing which apps to download, and making sure you carefully read the permissions and app reviews.
-
Think Before You Click. Scams have significantly evolved in quality and can appear as legitimate discounts or special offers. If a deal looks too good to be true, then it may be a scam. Also, be careful with messages regarding shipping confirmations and changes. Phishing scams may look like official shipping notifications. Always use official channels to track your packages, and NEVER open an email from someone you do not know, that you did not expect to receive, or from a site you have not visited. When in doubt, visit the retailer's web site instead of clicking links from e-mails and text messages.
-
Look For the Lock Symbol on Websites. When visiting a website, look for the “lock” symbol before entering any personal and/or credit card information. The lock may appear in the URL bar or elsewhere in your browser. Additionally, check that the URL for the website has "HTTPS” in the beginning. These both indicate that the site uses encryption to protect your data.
-
Use Secure Payment Methods. When you are shopping online it is best to rely on your credit cards or payment services such as PayPal. If you shop with a debit card and it is compromised, criminals gain direct access to the funds in your bank account. Credit cards offer much more protection and less liability if your information were to be compromised. In the event of fraudulent transactions, credit card companies possess the ability to reverse the charge and hopefully, investigate the issue further.
-
Never Save Your Information. Never save usernames, passwords, or credit card information in your browser. Periodically clear your offline content, cookies, and history. Avoid saving your payment information in your account profile for online transactions. If the web site autosaves your payment information, go in after the purchase and delete the stored payment details. Better yet, if the site has the option, check out as “guest” to avoid storing personal/payment information online.
-
Beware of Porch Pirates. When receiving purchases from delivery services, make sure you are always tracking your packages. The US Postal Service, FedEx, and UPS all have systems to track your packages, and all three utilize tracking numbers that can be used to figure out where your item is and when it should be delivered to your home. While the only surefire way to thwart porch pirates is to not have packages delivered to your home at all, this may not be practical. For added security when receiving packages, consider delivering to alternate locations, requiring signatures, and/or using a package receiving service.
-
Monitor Your Financial Accounts. As cyber-safe and secure as you think you might be, you can still become a victim of a scam. Pay close attention to your bank accounts and credit cards and monitor your credit report to ensure that there is nothing out of the ordinary.
|
|
Copyright © 2023 County of Marin, All rights reserved. |
|
Disclaimer
The information provided in Marin CyberSafe News is intended to increase people’s awareness of cybersecurity and to help them behave in a more secure manner. Links in this newsletter are provided because they have information that may be useful. The County of Marin does not warrant the accuracy of any information contained in the links and neither endorses nor intends to promote the advertising of the resources listed herein. The opinions and statements contained in such resources are those of the author(s) and do not necessarily represent the opinions of County of Marin.
|
|
|
|
|
