Christmas is just around the corner, which means it’s crunch time for online shoppers! It’s also crunch time for cyber criminals, so here are some top cyber security awareness tips for your online shopping.
Mobile phone purchases continue to grow. While you sip your Pumpkin Spice Latte or Gingerbread Chai, do not lack in your diligence to preserve your sanity and solvency by following these sure-fire holiday information & cyber security tips.
DO NOT Deck the Halls with Your Debit Card
Cyber criminals are all about using your bank account to fund their festivities. The banks are very aware of this fact and don’t want to see erroneous transactions…perhaps even more than you!
Do yourself a favor and leave the ATM/Debit card at home this season.
By not using your debit card to make transactions (instead using a credit card or even cash), you can avoid giving the bad-guys direct access to your actual account. This tends to be much harder to dispute and recover than that of the big credit card companies who require merchants to actively protect that data.
And of course, using cash not only eliminates this cyber-attack entirely, but also helps you limit your spending (that’s your free non-security advice for the day).
Stick to the Beaten Trail
Everyone knows that the egg nog-fueled online shopping days are at their peak, and are bursting at the seams with incredible deals to save you tons of cash! Who doesn’t want to save money?!
But the snake-oil salesmen and miscreant merchants are out there lurking, waiting to take advantage of people’s guards being down because of so many unbelievable deals. These deal-days are not the times to venture into new and unknown shopping territory.
When making purchases consider the following:
- Know your vendor: If you haven’t heard of the merchant before and they aren’t on a major retailer hub such as Amazon or eBay, buyer beware. It takes very little effort to put up a website, grab the images to places like the Better Business Bureau, Gold Re-seller, etc. Remember, bad-guys don’t play by the rules, so stick to your known good sources.
- Too good to be true, it is: In the similar vein as the previous tip, if a deal seems too good to be true, it probably is. Again, the trust that you put in the merchant on this is key. If you find a “Buy One, Get FIVE Free” on the hottest gadget or device out there, chances are, it is not legit.
On Wi-Fi? Don’t Buy!
While sitting in the local coffee shop enjoying a latte and happily shopping at the same time seems like a great idea, using public Wi-Fi for making purchases is never a good idea. Even store-wide Wi-Fi where you need to ask the establishment for the password leaves a person open to attacks.
If you are going to shop online over a wireless connection, ensure you are using your own secured Wi-Fi hotspot, a wired connection, or a VPN. The alternative? Your home Wi-Fi…because you did make a good passphrase for that, didn’t you?! (More on that here)
Keep Your Information Stocking Stuffed
With the increase in purchases, banks will be on the alert for fraudulent transactions. Cyber criminals will be on the alert to scam you on this very same premise. If someone calls, texts, or otherwise contacts you about a fraudulent transaction, don’t ignore it.
That said, don’t be forthcoming with information either. Instead, use the old Brit saying: “Keep Calm, and Carry On.” Politely say “thank you”, take note of the e-mail/phone number, and stop the e-mail chain/phone call right there.
You already have a point of contact for your bank or credit card’s customer service department, so instead of continuing with someone trying to solicit information from you, reach out to the known-good number and call it to address the concern.
This will stop cyber-scum from snitching your account info and causing REAL fraud and felonious transactions.
Reset that Wi-Fi password
If you haven’t done so already, make sure you reset the Wi-Fi password this season. As mentioned above, be sure to use something long, unique (meaning you don’t use that password for anything else) and easy to remember.
Airline Boarding Pass
Believe it or not, the amount of information stored within the bar code of your boarding pass when flying, is more than it appears. Keep your boarding pass, or shred it. Don’t leave them on your seat, in a garbage, etc.
Also, do not, and we repeat, DO NOT share your boarding pass on social media.
It’s not that the information on the boarding pass itself is that valuable to a cyber criminal, but announcing to everyone that you are leaving town, opens a lot of avenues for bad guys to exploit you.
For example, your buying patterns change. You likely aren’t monitoring your home/personal information accounts, and so on.
You can post that picture of your toes in the sand when you get back.
Why We Care
If you can’t tell, we actually give a hoot about you, your family, and your business’ safety in transactions and privacy of information. At Beryllium, we’re able to help with all sorts of information security and cyber security needs.
Armed with these basic tips you can defeat most of the tactics and tricks the bad-guys will use to ruin your holiday.
If you have any questions or want to know more, reach out to us and we’ll get the answers you need to ensure a Silent Night’s sleep!
Beryllium InfoSec Collaborative (“Beryllium” for short), is an information security and cyber security company located in Minneapolis, Minnesota. As a small business owned by veterans, Beryllium has 80-plus years of industry experience across industry & government. We are National Institute of Standards and Technology (NIST) information security experts, who know the balance of security needs and operational requirements. NIST provides the definitive compilation of guidelines that all other standards are derived from, either partially or wholly.
Beryllium is unique, in that we use strategic collaboration, education, and a holistic approach to information security & cyber security. From small to medium size businesses (SMBs), to enterprise organizations, our expertise of the NIST information security & cyber security guidance allows us to build unique, compliant & cost-effective solutions for any organization.