If you’re anything like me, you get really excited when the holidays roll around. The music is cheerful (the Hallmark Channel is on 24/7–high five!), the fireplace is roaring, and I can curl up with my blanket and mobile phone to SHOP ONLINE (of course). Ah, the spirit of the holidays…But the bah humbug part about the scene I’ve just set, is I’m not the only one feeling “festive.” Cybercriminals LOVE when surges in online shopping occur because people are looking for the best deals on gifts, bargain hunting, and planning for the biggest online shopping days of the year: Black Friday and Cyber Monday. This means adversaries can more easily manipulate our holiday spirits with cyberattack methods like phishing and social engineering, credit card fraud, and more.
So while you prepare your winter festivities and “add to cart,” consider these 12 tips to keep your “digital dwelling” safe and warm during Cyber Monday and Black Friday, especially.
Shop from websites you know and trust.
Don’t click on those flashy “hot deals” that are likely too good to be true. Scammers deliver ads based on your interests, offering sweet discounts or great deals to get the click. Now is NOT the time to experiment with new retail websites and apps.
Don’t go “public.”
Avoid public Wi-Fi when using the Internet, especially when accessing sensitive data like your bank account balance or emails. Your personal information isn’t a “gift” you want to give a hacker this holiday season.
Update your operating systems.
With a little more downtime during the holidays, take a merry minute to keep your operating systems as current as possible. This also goes for apps on your phone.
Refresh your passwords.
Enter into the New Year with stronger, more secure passwords—something that will keep a criminal out of your personal property and prevent identity theft. Things like symbols and numbers to replace letters add a layer of complexity that make passwords harder to crack. Consider using a password manager to store all your different passwords so you don’t forget them!
To ensure you are protected from any precocious cyber predator, check our security awareness game inCyt, a fun way to learn cyber concepts and attack methods while cozying up on your couch with a hot toddy. You can practice proactive cyber readiness during the holidays—and year-round with this sweet resource.
Don’t click on suspicious links.
Scammers, like the Grinch, will impersonate real online retailers and stores to get you to open an email and click on links while you are holiday shopping. Don’t! This phishing email tactic opens the door for them to install malware on your computer and before you know it, your data is stolen and compromised.
Look for the lock.
Secure websites will often have a lock icon in the browser address bar to indicate it is a secure connection.
Get creative with security questions.
Your mother’s maiden name or favorite food can most likely be found online somewhere, so try getting creative with your security questions to access your accounts. Choose a motto you live by perhaps or choose an answer to a question that is completely opposite of what you would select.
Watch your bank and card activity.
Hackers can see your financial activity when you’re sleeping and when you’re awake if you’re not careful. Diligently monitor your bank account, online transactions, and card activity and notify your financial services provider if you observe any suspicious activity.
Some devices will auto-connect to available wireless networks. Ensure you are only connected to wireless and Bluetooth networks when devices are in use or about to be used. Unknowingly being connected is the opportune time for hackers to cause damage right under your nose.
Store devices when away.
If you’re a busy traveler, criminals seek out meal times to check hotel rooms for unattended laptops and mobile devices. Be especially wary when attending conferences or trade shows as guest networks tend to be more vulnerable to attacks (and allows hackers to access lots of data from lots of people, who are all in one convenient location).
Activate double authentication.
If you haven’t done so already, ensure all your apps have a double authentication factor so every time someone tries to log in to your online account, they need a code or key that is texted to your phone or sent to your email to gain access. That makes unintended access to things like social media accounts more difficult for cybercriminals.
Practice persistent protection.
Hackers aren’t just looking to exploit individual data, they also target businesses knowing many take extra time off this time of year to spend with loved ones. Ensure your company has a strong cybersecurity response plan in place and key members of your threat intelligence, analysis, and fraud teams are consistently practicing responding to threat scenarios. Our Project Ares platform runs on Microsoft Azure, so professionals can practice cyber offense and defense from anywhere, at any time on a gamified cyber range.
It’s important to practice safe online behavior all year-round but the holidays bring about an extra level of digital activity hackers love to exploit. Make sure you are taking proactive measures to ensure you are having the most wonderful online shopping day of the year—and cybercriminals aren’t.