Shopping & Security On Cyber Monday
Shopping on Black Friday, the day after Thanksgiving, can be chaotic and downright scary. The following day, Small Business Saturday, is worthwhile but may not yield big savings. No wonder so many people decide to wait until Cyber Monday for the best online shopping deals of the year.
But Cyber Monday holiday shoppers should proceed with caution. The popularity of this fairly newish event combined with tons of public wifi and the simplicity of one-touch mobile transactions gives cyber-criminals and hackers a perfect opportunity to con unsuspecting consumers.
There are sure to be plenty of bogus websites and phony emails with every intention of separating you from your money — or worse — your identity. So, if you’re planning on post-Thanksgiving shopping from your laptop or mobile device, here are 2 important tips to help you stay safe.
1. Change your passwords on any site where you regularly shop or bank.
Lately, you can hardly go a day or two without news of some massive data breach. And as they say “if you haven’t been hacked yet, you’re probably not online.” That means it’s entirely possible that some of your information is already out there, and hackers just haven’t gotten around to using it yet. And while it’s good security practice to change your passwords regularly, many people find it to be a cumbersome chore that they put off over and over again. It’s painful, yes, but now is as good a time as any. Take care of this precaution before you get into a shopping frenzy and forget.
Good news: you don’t need complex, difficult to remember passwords for every account. Identify the highest-risk services you use: personal banking, online shopping, healthcare, social media. Take caution with those, but for everything else that doesn’t have an element of high risk (Pinterest, Fantasy Football, etc.), feel free to use easy to remember passwords. Just don’t reuse those easy-to-remember passwords on high-risk sites. That’s the easiest way to get hacked.
2. Enable two-factor authentication (2FA) wherever possible.
Better than just changing passwords, utilizing 2FA wherever possible provides an additional layer of strong security linked to your device. That means that even if an attacker were to get access some of your information—like a username and password pair—they would still need your smartphone or laptop in order to act on it. You can use a mobile authenticator app, like the free Authy mobile app, to accomplish this on a lot of standard web services.
Adding 2FA is a way more convenient and sustainable solution than changing passwords on a regular basis. Unfortunately, you’ll find you aren’t able to use 2FA everywhere you shop. Many sites don’t offer that level of protection. But the industry has taken significant steps over the last year to promote wider adoption and use of two-factor authentication. Take a look through http://twofactorauth.org to determine which of the services and sites you use has enabled 2FA for account holders. Some of the big ones include Amazon, Ebay, Apple, Mercado Libre, and PayPal (TouchID).
Other things to keep in mind this Cyber Monday (and beyond):
Know who you’re buying from.
Often attackers will try to mask themselves as legitimate sites. To keep yourself safe, only visit sites by manually entering the URL or via Google search results. Also, look at the URL when you arrive at the website; if it starts with an “https”, it’s safe to assume that the site is secure.
Don’t respond to email offers that look too good to be true.
As mentioned above, attackers may also try to entice you to click on malicious links or fill out forms with your personal information through amazing offers made to look legit. Hackers are often keen designers and can make a forgery look very realistic. In general, if it looks too good to be true, it probably is. If you’re interested in a particular offer you receive, go to the website yourself rather than through the email link to see if it’s on the actual site.
Monitor your credit card and debit card transactions
During the holidays we tend to spend more. We might buy more spontaneously or pick up the tab more frequently when our with friends. Periods of increased activity give attackers the ability to “sneak” fraudulent purchases without you noticing. So, during ramped-up spending cycles, remember to monitor all of your financial accounts. If you’re checking your statements daily, you’ll be able to stop or prevent further fraud rather than having to go back and try to remember what was purchased—and where—at some point in the new year.
Good news – some financial institutions—like Chase Bank—are already employing proactive SMS fraud alerts that allow you to prevent suspicious charges. But don’t rely just on these alerts alone. Be vigilant! With increased holiday spending activity, it’s a lot more likely for something to go unnoticed.