The holidays are a wonderful time of year when we often get to travel to see friends and family, share meals, exchange gifts, and really enjoy some time off from work. But the holidays can also be hectic as we shop online, browse for deals, and make travel arrangements. ORAM Cybersecurity Advisors has put together a few tips to improve your online security in the office and at home so your holidays aren’t stolen by some sorry Grinch in cyberspace.
Online Shopping
Which of us hasn’t used a moment of work time and a company device to shop online at one time or another? Let’s be honest, it’s bound to happen at some point. Shopping online is big and many of us don’t have time to do it outside of the workday. There are some cyber threats that we all take when doing so. Even taking a coffee break to shop on our personal smartphones can put our happy holidays at risk.
According to the National Retail Federation (NRF), 91 percent of consumers plan to celebrate the winter holidays from Hanukkah and Christmas to Kwanzaa. The NRF has forecast that in November and December 2022, total retail sales will increase between six and eight percent despite the current rate of inflation we’re all experiencing.
Online Threats Holiday Edition
While we are all thinking about the perfect gift for each of the special people in our lives, cybercriminals are thinking about how they can cash in on the digital holiday shopping spree.
The 2022 Norton Cyber Safety Insights Report: Special Release- Holiday, found that the majority of holiday shopping will be conducted online this year and the most popular technology-based gifts such as smartphones will be found online as well. This creates some concern about cybersecurity for businesses and home devices alike.
The Norton report showed that while 81 percent of research respondents were very or somewhat confident about shopping safely online, 42 percent also strongly or somewhat agreed that they were not really sure of the best ways to shop safely online this holiday season.
The same report also found one in three Americans (34 percent) admitted to taking more risks when shopping online during the holiday season compared to other times of the year. Such risks included buying from an unknown seller, clicking on online ads, sharing personal information, going on the “Dark Web,” etc. These are things they reported they normally wouldn’t do but were willing to risk to find the ideal gift.
Nearly one in three respondents said they had fallen victim to a scam when shopping online during the holidays, according to the Norton report. Scams that consumers have most commonly become prey to include online shopping scams (13 percent), phishing scams (13 percent), and postal delivery scams, according to Norton. Others included overpayment/refund scams, gift card scams, charity scams, travel-related booking scams, and even pet scams. The most common scam vectors included email (43 percent), social media (37 percent), and text/SMS (27 percent). Another 27 percent were due to third-party websites and 23 percent were by phone.
What’s a Shopper to Do?
The Cybersecurity and Infrastructure Security Agency (CISA) issued a reminder on Nov. 23, 2022, to online shoppers to stay vigilant to cyber threats this holiday season. Some of the ways CISA recommended Americans shore up their online security during the holiday shopping season included the following:
- Check your devices: Before making any online purchases, make sure the device you’re using to shop online is up-to-date and perform updates before you shop. This means running only the most current versions of software, web browsers, and other apps on computers, smartphones, and tablets.
- Look at your accounts: For each account, ask yourself if each has a unique, strong password. If not, change your passwords and employ a password manager.
- Employ multi-factor authentication: Even better, if multi-factor authentication is available for each account, are you using it? If not, employ it now! Multi-factor authentication (also known as two-factor authentication) uses multiple methods for verifying your identity. Even if an attacker gets your password, the multiple-step verification process makes it more difficult to get into your accounts.
- Shop through trusted sources: How are you searching online to find deals? Are you clicking links in emails or ensuring you’re on the correct vendor’s website? Are you clicking on ads on web pages? Stick to online vendors you know and trust. If it looks suspicious, something’s probably not right. Trust your gut.
- Use safe methods for purchasing: If you make a purchase, what information are you sharing? Ensure you understand how your information is used and stored by any vendors. Also, don’t save credit card numbers to vendor websites. It’s safer to type in the account number each time.
More Digital Security Tips for Holiday Shoppers
There are a few more methods for keeping yourself safer when shopping online this holiday season.
- Stick to secure Wi-Fi: It’s tempting to hop on free public Wi-Fi while waiting for that cup of joe at Starbucks to knock out some shopping, but know it’s not safe. NEVER make purchases or conduct business while using public Wi-Fi. If you need to shop while out and about, use your phone as a hotspot or employ a virtual private network (VPN).
- Caveat emptor (Buyer beware): If a deal seems too good to be true, it probably is! No matter how tempting an offer may be, stick to buying from established, trusted online vendors. Avoid websites you’ve never heard of.
- Think before you click: Avoid clicking on ads in social media or emails from unknown sources. Doing so could lead to malware, viruses, or simply a fake account that takes your money, leaving you empty-handed.
- Shop smart: Start shopping smart by ensuring your internet connection is secure. When shopping on a website, ensure it is secure sockets layer (SSL) protected. How? Look at the browser’s address bar to see if there is an “https” in front of the URL rather than just an “http.” You can also look to see if the image of the lock icon is closed on the address bar. Never submit personal or payment information on a website that is not SSL-certified.
- Use credit over debit: When shopping online, use a credit card or a pre-paid debit card. This is safer than using your personal debit card that’s linked to your bank account. If a bad actor hacks a site and steals payment information, your bank account will remain safe and credit companies can refund fraudulent charges. You can also choose to use a third-party payment processor such as Google Pay, Apple Pay, or PayPal instead.
- Watch your accounts closely: Pay close attention to any accounts you use to buy gifts or shop this holiday season. Whether you use a credit card, debit card, or third-party payment processor, check all of your accounts every couple of days. This will alert you to any suspicious charges or unknown purchases. Furthermore, take advantage of text and email alert services now offered by most banks and credit card companies.
- Discourage online shopping at work: Discourage employees from using work devices to shop online and ask your IT department or third-party provider to block popular online shopping sites such as Amazon and Etsy.
- Share this blog: Share this blog with your employees, friends, and family. It could keep them safe from cyber Scrooges this holiday season and beyond.
Though we all want to find the best bargains, especially with inflation hitting our checkbooks so hard this year, we must do so safely and wisely. Following the tips above will help ensure a happier holiday season for everyone.
If you’d like more information on improving your online security, contact ORAM Cybersecurity Advisors now at (617) 933-5060. The call is free and there’s no obligation. Happy holidays from the cybersecurity experts at ORAM!
