Posted: 11-20-2017 in: Consumer, Security

The National Retail Federation reported that 2016 holiday shopping revenues exceeded $655 billion dollars.
Unsurprisingly, it isn’t slowing down! For November and December 2017 – excluding automobiles, gasoline and restaurants – they’re predicting an increase of between 3.6 and 4 percent this time around, for a total of about $680 billion!

… Also up this season?: Your likelihood of being targeted with a cyber threat!
Proceed with caution: With online shopping comes the potential for you to be phished and scammed into losing control of your information. Safe online shopping could mean the difference between a panicked, violated feeling and a warm and fuzzy one this holiday season.

So, how do you protect yourself?
We’ve been doing this for a while, and in our experience there are a few tried and true best practices we can share that will most definitely assist you in avoiding the aggressive nature of those online threats.

Best practice #1: Do not use your debit.

When making purchases on Amazon.com, or other awesome E-Commerce sites, use a credit card. Do not use a debit card!

The reason you want to use a credit card is so you protect your bank account. Your debit card is linked to your bank account, of course, and if this data gets into the wrong hands you could find yourself with a bank account balance of zero dollars if it’s emptied by thieves.

With a credit card, there’s a benefit called a chargeback. A chargeback is a way for a credit card company to instantly give you your money, or credit back, when a transaction is charged that’s not legitimate.

When you have a transaction that’s charged to your debit card, that’s not legit, you have to work with your bank to get your hard-earned money back. This process is slow, exhausting, and also may include filing a police report in order for your financial institution to give you what you’re owed.

Plus, with your bank account being compromised, thieves could potentially use your info to open lines of credit, and wreak havoc on your credit score and financial foundation.

By using a credit card, if a thief happens to get a hold of your info and charge a bunch of nefarious purchases, you’re not out any cash. Just credit. Which can easily be credited back to your account in a matter of minutes.

So, use credit cards when possible in order to have an enjoyable online shopping experience this season!

Best practice #2: Use A Secure Connection.

Make sure to not use open, public, or unsecured wi-fi when making online purchases if you want to ensure a safe online shopping experience.

Believe it or not, the wifi at the mall, at your dentist’s office, or at your cousin Jane’s house may not be secure, despite their best efforts. When you use unsecured wifi, you open yourself up to potential hackers called eavesdroppers. Eavesdropping is the practice of hackers essentially capturing sensitive communication at public hotspot locations like cafes, restaurants, airports, and hotels. They snag emails, passwords, and unencrypted messages, and can hijack unsecured logins to popular websites. The end game is for hackers to see packets of information from what you’re browsing on different websites, take this info, and use it for fraudulent purposes.

If you must purchase online, here’s how to use public wifi with some degree of security.

  • When you log in to a website make sure that your connection is encrypted. The URL address should start with https instead of just http.
  • Make sure your connection stays encrypted during your online session.
    Some websites, including Facebook, will encrypt your login and then return you to an unsecured session, leaving you vulnerable to hijacking.
  • If you have it available and you understand the cost and data usage implications for your cell plan, use your own dedicated mobile hotspot!
    Skip the “free wifi” at your local shops.
  • When checking email, login via the Web browser and ensure that your connection is encrypted (again, look for https at the beginning of the URL). If you use an email client such as Outlook, make sure your POP3 or IMAP and SMTP accounts are configured with encryption turned on.
  • If you’re a bit more savvy, then we do recommend shopping over a VPN, or virtual private network.

By being aware of the different wi-fi and networking tactics, you’ll stay much safer this season.

Best practice #3: Watch for scams!

Be wary of emails in your inbox that look too good to be true.

Our junior high school civics teacher used to say, “If it looks like a duck, talks like a duck, then it’s probably not a horse.”
The point: If you get a strange, non-branded email, from a retailer or person you’re not familiar with then do not open it or click on any links in the email. Once you do click on any links, you instantly open yourself up to malware, spyware, or ransomware infecting your computer.

Emails that come from national retailers are pretty safe if you recognize the signs. They’ll be well-branded and feature some sort of discount code or cyber-Monday offering in them.

Emails that come from some strange @hotmail.com email address or even a recognizable source with a spelling error… asking you to click on them or send money… are suspicious.
Don’t open them, or click on them!
Just delete them, or mark those emails as spam and let your email software do the rest.

Want to get some training to better spot phishing and other scams? We are willing to bet that your employees are putting your company’s network at risk every day, in fact, by not seeing the signs of scams. Cooperative Systems does offer a program to specifically address this problem. Click here to learn about our Security Awareness Program For Employees.

Be safe this holiday shopping season.

At Cooperative Systems, we love the holidays, but we are less excited about the unintended consequences that come along with shopping online if you’re not careful.

So, we’re here to help. We can help you plan and execute security policies that protect you and those on your business networks from thieves. For more help with this and a whole host of other relevant IT concerns, get in touch with us.