For those people who cannot bear the thought of pre-dawn mall excursions on Black Friday or crowded stores over the holiday weekend, Cyber Monday beckons. But just as online retailers are gearing up for the busy day (last year folks spent somewhere in the neighborhood of $3 billion; this year’s number is expected to climb), hackers and fraudsters are likely doing the same.
A stolen identity is something no one wants to unwrap this holiday or any other time; with that in mind, it’s worth doing your due diligence and staying safe while shopping online. While some experts say the only way to truly protect yourself is to pull the plug, there are some simple things you can do to score good deals online without compromising your cyber safety.
Here are our tips:
- Don’t click that link
Experts, like Bob Bunge, a cyber security specialist and engineering professor at DeVry University, who was interviewed for a Consumer Affairs story about online shopping’s identity theft risks, says phishing attacks are more rampant on Cyber Monday for the simple reason that people are more likely to fall for it on a day when screaming good deals are commonplace. A $5 blender? Any other time of the year you might be skeptical but in the post-Thanksgiving shopping blitz, it’s somewhat believable. Bottom line? Don’t click on links sent in an email, instead, type the address directly into your web browser. There are plenty of bogus websites out there posing as leading e-commerce retailers. Be sure you are actually on Walmart’s website, and not some imposter, before inputting credit card information or any other sensitive info. Be sure the URL begins with https and includes the lock sign, signalling it’s encrypted. Bad web design and glaring spelling errors are another indicator something isn’t right.
- Monitor your accounts
If there was ever a time to be watching your financial accounts, it’s now. Be sure you’ve really made every purchase that shows up. If you’re uncertain about something, don’t simply shrug your shoulders and assume your spouse made the purchase or that you forgot.
See if your banking institution or credit card company offers an alert system for when purchases are made. Some banking apps, like Bank of America, even allow you to turn on mobile notifications that can help you keep track. You might also consider using just one credit card (not debit card) to make purchases so if something goes awry, only one card has been compromised rather than multiple. Even better, consider using a mobile payment option, like PayPal.
- Think twice before making a purchase using your mobile device or while on a wireless connection
Why should you think twice before hitting “buy” on your iPhone? According to RSA, a computer and network security company, the number of fraud attempts on mobile users increased 173 percent between 2013 and 2015.
And whatever you do, don’t make purchases while using public Wi-Fi. It might seem harmless, but using a Wi-Fi hotspot — either paid or free — is anything but. Instead they are an easy target for hackers since they’re unsecured or often have shared passwords. The hackers most often strike with what’s called a Man In The Middle Attack, where they watch your data in transit, or maybe they set up a rogue Wi-Fi hotspot with an enticing “FREE FAST Wi-Fi” name (or an evil twin name that’s very similar to one that is legit) and then watch the data you send and collect. Instead, use your phone’s cellular network as a hotspot for your laptop. Some experts, like Bunge, think you should be wary of using wireless even on your home network and recommends placing your order while your computer is hard-wired to the network.
- Consider using two-step authorization
You can opt to turn on two-factor authentication for all your web services, like email. This is when you try to login to one of your services and it text messages your phone a password that you must type in to enter the site. Even if a hacker has your password, they don’t have access to your phone. Vendors like Amazon, Apple, ebay and Etsy all offer two-step verification to its customers. Visit twofactorauth.org for a full list of sites that do offer this security measure.
- Check out as a guest when you can
This way the site won’t store your information. In light of the all the big box data breaches over the last few years, it’s easy to see why this one made our list.
- Use a unique password AND username for each site
If you can remember your password, chances are it sucks when it comes to security. The best passwords have a random combination of letters, numbers and symbols. And while you might be used to hearing the password advice, you might not know that usernames are important as well. Even using StoreName+YourName is better than just your name.
No matter how secure you are, the fact of the matter is identity theft isn’t a matter of it but when. LibertyID has helped 60,000 people get their lives back after their identities were stolen. Insurance companies don’t cover identity theft. LibertyID will cover you. Call us at 844-44- LIBERTY to get covered. That way, when something happens, you’ll have someone to call. Our army of trained specialists will go to work immediately to get everything back and restore your identity back to pre-event status.