Cyber Monday: 10 steps to protect yourself from security risks

Nelson GomesCyber Monday — the online-only version of Black Friday taking place the Monday after Thanksgiving — is expected to be the largest online sales day of the year, with Adobe estimating $2.6 billion in sales, a 15 percent year-over-year growth. Of that $2.6 billion, Adobe is estimating that $520 million in sales (20 percent) will be conducted via mobile devices.

While consumers will go online looking for deals, cybercriminals will work to take advantage of this surge in shoppers by attempting a variety of activities intended to steal credit card information or install malware or Trojans on computers.

If you're planning to seek out Cyber Monday deals, whether for yourself or your organization, here are 10 steps PriorityOne Group suggests you take to better protect your computer, mobile device and personal information. Note: While this column focuses on Cyber Monday, the advice offered is worth following year-round as cybercriminals never take days off.

1. Shop only at the websites of stores you know. Cyber Monday, like Black Friday, brings with it the promise of substantial savings on purchases. You may find yourself searching the web for the best deal you can find. This is an activity cybercriminals are counting on.

If you find a deal that takes you to the online store of a company you've never heard of, proceed with caution. When the price seems like it may be too good to be true, there's a good chance it is. Don't enter any credit card information if you're wary of a site at all. You can check the name of a company through the Better Business Bureau to help confirm whether the company is legitimate.

It's also always worth double checking a website's address before proceeding with entering payment information as cybercriminals can create phony websites that appear similar to the websites of major retailers. When you visit a website you trust and verify it is the actual website you wanted to visit, bookmark the address of that website, and navigate to the website through that bookmark in the future. This will help prevent mistyping in a web address that may take you to a phony website or clicking a phony link in a search. Note: Consider using a filtering service like OpenDNS to protect your computer from websites that are known to be harmful to your computer.

2. Shop securely. Before entering any personal information into a webpage, ensure you can see "https" in the web address. This indicates a secure connection. You can never be too cautious in this regard. Taking the time to verify that "s" at the end of "http" may be the difference between whether a cybercriminal steals your information or not.

You should also ensure SSL ("secure socket layer") is enabled by the websites you shop at as this will help protect your personal information. SSL represents a web certificate from a reputable supplier that provides data security. If a site lacks this feature, hackers can seize credit card information.

Before entering sensitive personal information into your browser, look for a lock icon in the website's URL in the address bar (it may be to the left or right of the URL, depending upon the browser you're using) to verify whether the site uses SSL.

3. Use complex passwords. Many retailers will require you to create an account with them before proceeding with a purchase. Consumers in a rush to secure a deal will often use a simple password when creating an account, but this is exactly what a cybercriminal is hoping will happen.

Take the time to create a unique, random password for every new login. It's best to use a combination of letters (both upper and lower case), numbers and symbols. Many accounts will advise whether a password is weak or strong. Never settle on a weak password. If you need assistance coming up with random passwords and tracking them, consider a password management service.

4. Keep your software updated. A good best practice for Cyber Monday and throughout the year is to make sure your software is always up to date. This includes checking for updates and patches for your operating system, browsers and security software, and enabling these programs to automatically check for updates. Doing so will help keep your computer free of viruses and malware, and keep cybercriminals from hacking into your computer.

If you're using a computer running the Windows XP operating system, it would be wise not to use this computer to shop as Microsoft no longer supports it. Without this support, that includes issuing security patches, Microsoft notes that the computer is five times more vulnerable to security risks and viruses, which means you could get hacked and have your personal information stolen. Note: If you're using a computer with Windows XP or the Microsoft Office 2003 office suite for anything involving protected health information, you have effectively become non-compliant with HIPAA and the HITECH Act. Learn more here.

Also, make sure your antivirus and antimalware software are scheduled to run regular scans to check for viruses and malware. If you visit a website or open an email attachment you didn't intend to (more on this below), stop whatever you're doing and immediately run security scans.

5. Be careful when using smartphones or tablets. Many users of mobile devices — smartphones and tablets — believe these devices are not susceptible to threats from cybercriminals. But like regular computers and laptops, they can be hacked, and users can encounter the same threats.

A few important tips when using smartphones and tablets:

• Run antivirus/antimalware software.

• Enable a lock screen password and timeouts that automatically lock your smartphone or tablet. This way, if you lose your phone, criminals cannot easily access the information stored in the device.

• Avoid unfamiliar apps. As with visiting unfamiliar websites, installing apps you have never heard of can leave your data more susceptible to theft. Before installing apps, review the permissions. If the app requests access to personal information that does not seem necessary for its operation, look into the legitimacy of the app before proceeding with approval of the permissions and installation.

6. Think twice before clicking a link or attachment in an email. Did a friend send you a link for an amazing deal? Is there an attachment that shows you this great deal?

Take a moment before clicking the link or opening the attachment. Your friend's email account may have been hacked, or the friend's email address may be "spoofed," which means the email is being sent from somewhere else with the friend's address forged onto its "From:" line. If you click that link or open the attachment, you may infect your computer with a virus or visit a webpage intended to steal your personal or credit card information.

7. Be cautious on social networks. Like links in email, links posted on social media are commonly used for phishing attacks, and harmful attacks may come from people or websites you trust (without their knowledge). Take a moment and really think before clicking links or opening webpages.

8. Use a credit card rather than debit card. Use of a credit card — rather than a debit card — when making an online purchase can help prevent against fraud. Consider setting up alerts on your credit card to have an email or text message sent every time a purchase is made on the card above a certain amount (e.g., $100). This will help you detect fraudulent purchases quickly. The Better Business Bureau suggests paying with a credit card because federal law allows you to dispute any charges, if necessary.

It is also advisable, whenever possible, to use a credit card that offers one-time use, time-limited or virtual credit card numbers. This will help prevent a cybercriminal from stealing your credit card information.

9. Double check email encryption. If it is necessary for you to email credit or debit card information, make sure the email is encrypted so hackers cannot access your information. This is a particularly appropriate time to use a one-time use, time-limited or virtual credit card number.

10. Document purchases, and review your documents. Healthcare providers appreciate the importance of documentation, and this also applies to online shopping.

When placing an online order, save or print a copy of the webpage or email in case it is needed for future reference. Also, make sure to check credit card statements often. Don't wait for statements to come in the mail; check them online regularly to help detect suspicious activity sooner than later.

While shopping online and saving money while doing so can make Cyber Monday a very easy, enjoyable experience, keep your guard up and be aware of scams and fraudulent websites. Shop and pay cautiously, and do not trust third-party communication or any website that may seem the slightest bit suspicious. The savings you may think you can get could end up costing you dearly.

Learn more about PriorityOne Group.

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Top 40 Articles from the Past 6 Months