Tis the season for finding holiday gifts online and for cyber criminals to use fake websites, phishing emails and public Wi-Fi hotspots to steal sensitive information from unsuspecting shoppers.
A survey Cybereason conducted on staying safe while shopping online during the holidays found that 62 percent of respondents are concerned about being hacked while using the Web to find deals on gifts. Despite their security concerns, 40 percent of people said they won’t change their online shopping habits.
In fact, consumers seem more willing to engage in risky online behavior during the holiday shopping season, according to the survey. The results show that during the holidays people are more likely to purchase items from an unknown online retailer if they find a bargain and will use free public Wi-Fi networks when traveling during the holidays.
To prevent cyber criminals from pilfering credit card details, bank account information or log-in credentials, Cybereason CISO Israel Barak offers these seven recommendations for safe online shopping.
Only visit websites that you trust. Avoid shopping on sites that you’ve never heard of or offer deals that seem too good to be true. Obscure sites selling heavily discounted merchandise could be fraudulent and steal your credit or debit card information if you enter these details.
The URL in your browser should read HTTPS (not just HTTP) and there should be a padlock icon to the left of the URL. The “S” stands for secure and indicates that all communication between your browser and the website is encrypted.
Cyber criminals use phishing emails to lure shoppers to illegitimate websites that pilfer credit and debit card information or get people to unknowingly download malware. If you receive a suspicious email with an attachment or a link to a website you’ve never heard of, don’t open the attachment or click the URL. The link could lead to a malicious website and malware could be embedded in the attachment. Once again, if the email is offering a deal that seems too good to be true, it’s likely a scam.
Diligently check the URLs of the websites you visit. Criminals create fake websites with URLs that are very similar to the ones of legitimate websites. They’ll often subtly add or change a letter in the URL to deceive people.
Update your OS, browser and applications. This will ensure that any known vulnerabilities are patched.
Use your smartphone as a hotspot to connect your laptop to the Web instead of using free public Wi-Fi networks found in airports and hotels. The data on free public Wi-Fi networks is unencrypted and can be easily intercepted by attackers staging man-in-the-middle attacks. That data could include log-in credentials for banking sites or credit card numbers.
Use a credit card instead of a debit card to make purchases. Debit cards provide direct access to the bank accounts they’re linked to and aren’t covered by credit card fraud insurance policies. Fraudulent credit card transactions don’t impact your bank account and many credit card companies offer zero liability for fraudulent charges. With debit cards, the money for the transaction is immediately withdrawn from your account and you are responsible for getting the money back.
These tips aren’t just applicable to online shopping during the holiday season. They can be used to stay safe when shopping online throughout the year.