Staying Safe during the 2019 Holiday Season
By Jeremy Louise | December 18th, 2019
As always, the best security precaution is to be aware of your surroundings and ensure you’re adequately equipped to address some of the more hostile aspects of that environment. Today, this not only applies to your actual physical surroundings but extends to the cyber world as well. This fact should be kept in mind year-round, but there should be a higher degree of awareness this time of year when consumers are even more susceptible to cyber-attacks and theft. Today, we look into some of the most common- and a few less common- ways in which hackers can compromise your digital assets as well as the proven tools and methodologies that can help minimize your exposure to cyber risk during the holiday season
Avoid 3rd Party Apps; Use Retailer Apps
Mobile apps can be powerful shopping tools that can help significantly reduce the logistical and mental toll of shopping at traditional brick and mortar stores- especially this time of year. Despite the alluring discounts and ease of use these apps provide, they can also pose a tremendous security risk if they’re under the control of a hacker. Oftentimes, these 3rd party apps are infected with malicious software, commonly known as malware and hackers can then gain access to your mobile device that can easily dampen the already challenging holiday. Although at the time you may have felt you were finding a great new app, the reality is that your data has now been compromised and you’re now subscribed to an expensive service without your knowledge. Unless you’re regularly reviewing your credit card statements, you won’t likely notice the fraudulent charges until several billing cycles after when the damage has since been done. How can this be avoided altogether? Avoid unverified, unsecured, 3rd party apps! The best way to protect yourself from these types of compromised apps is to ensure you only download apps from reputable stores such as Apple’s App Store, the Amazon App Store, Galaxy Apps or Google Play and that they’ve been thoroughly reviewed and adequately vetted. Some major providers like Google Play scan their apps for malware before publishing them but there is no stronger defense than maintaining your awareness and incorporating common sense when determining what apps to use.
Stop Storing Credit Card Account Payment Information
Storing your payment information online is certainly convenient if you frequently shop online, but it is only as secure as the safeguards both you and the online retailer have in place to combat cyber-crime. Unfortunately, many retailers aren’t nearly as secure as they should be, allowing your payment information to be easily accessed by a hacker who can use it to make online purchases. It’s best to skip the auto fill option altogether when ordering online and use a password management tool to keep track of passwords.
Be Aware of Your Physical Surroundings
Unfortunately, some hackers are able to read the information on your credit cards while the cards are still in your wallet by using highly sensitive card readers by employing a technique known as skimming. This can occur anywhere and as you can imagine, it’s not difficult to find a line of shoppers to try accessing their credit card information. Fortunately, there are a number of security devices now available to protect your credit cards from skimming that block the electromagnetic signals emitted by card readers. Once placed over the credit cards, these devices prevent remote card readers from skimming your cards. Although these precautions are effective, it’s always best to be aware of your surroundings and to maintain a high degree of vigilance to check your credit card statements as frequently as possible.
Use Apple and/or Google Pay; It Can Help
Mobile apps such as Apple Pay, Google Pay and Venmo provide a digital wallet feature which can increase your security posture by shielding your credit card information. Digital wallets provide merchants with a unique one-time code, rather than your actual payment information, so hackers can’t see your payment information. Unfortunately, many retailers are still not adequately addressing today’s most common cyber security issues, which present a number of issues to consumers. Using this security feature not only prevents hackers from accessing your credit card information, it also limits the type of data they can retrieve if the retailer in question has also been unknowingly compromised.
Stop Shopping Online at Starbucks; Using a VPN for Public WiFi Networks
It’s tempting to use a public WiFi networks to do your shopping while in a restaurant or coffee shop. However, the passwords from these networks are readily available, which allows any hacker with a modest amount of technical knowledge to sign on and intercept your data while you’re using a public WiFi. Shopping online routinely requires submitting personal and/or payment information, both of which are of great value to these types of hackers. For this reason, you should avoid and if possible altogether, never visit any websites while connected to a public WiFi.
If you must shop on a public WiFi, you should at least use a virtual private network (VPN). This technology creates a secure connection by encrypting the communication between your mobile device and a server on the internet so nearby hackers can’t read your information even when they’re able to compromise the WiFi network. However, the VPN won’t prevent someone from directly observing what you type into your mobile device, which includes a number of techniques collectively known as “shoulder surfing.” Low-tech methods involving mirrors or just good peripheral vision allow hackers to obtain your information more easily than you might think when you use your mobile device in a public place. Again, know your surroundings and be aware of those around you. Hacking is a ‘full contact sport’ and includes very complex to extremely simply means of accessing your personal information.
Confirm Your Retailers’ Security Policies
This oldy but goody can easily determine if the web site you’re shopping on is secure by referring to the URL bar on your web browser. The URL of a secure site will begin with “https://” rather than “http://” and a lock icon should appear somewhere on the URL bar, usually just to the left of the URL. Sites that require passwords or personal information should always be secure, meaning they mask the data you provide. Simple rule of thumb is to avoid these unsecured sites all together and at the very least, not provide any information you would otherwise consider as sensitive- such as credit card information or PII.
Be Aware of Emails
You will often receive email messages promising special offers, especially during the holiday season. Many of these messages are harmless advertising, but they may also carry malware that can infect your computer when you open them. Always check the sender’s address to ensure you recognize it before clicking on an unread message in your inbox. Otherwise, and to be perfectly safe, you should just delete the message or move it to your trash folder without ever reading it.
Even if you think you recognize the sender, an email message could still be from a hacker attempting to pose as someone you know. This form of attack is known as phishing, which includes a variety of specific techniques such as pretending to send you an offer from a big box retail store where you probably shop. A quick look at the sender’s address will easily expose most of these phishing attempts, but more sophisticated schemes will use an originating address that’s virtually identical to that of a legitimate retailer. In these cases, the URLs may differ by only one character. To learn more, here’s a great video overview that can hopefully help; https://fortune.com/2017/07/13/email-security-phishing/
Check your Accounts…Again!
Your credit card statements will typically become longer during the holidays, making it easier to miss fraudulent charges. However, the pain of ignoring this task can result in more than just having to cancel your credit card, so if you’re shopping heavily, you should check your statement at least once each week. Most if not all, credit card companies now allow you to configure your account to send you a text or email message alerting you of new charges on top of a number of other security tools- such as multi-factor authentication- that should be implemented as soon as possible.
In conclusion, the best approach for protecting yourself from these scams requires a combination of technology and common sense. Although there will always a trade-off between security and convenience, implementing some of the basics outlined in the article will significantly help minimize the chances of ruining your holidays and ensure that your personal information is well protected.
The best approach to protect yourself
To learn more about how you can make your business and personal information more secure contact TSI today.