Palo Alto Networks LIVEcommunity provides 12 important tips for staying safe while shopping online during the holiday season. From not using public WiFi to password security. Learn to protect yourself from cybercriminals.
Safe Shopping During the Holidays
It’s that time of year again! The most festive period of the year is just around the corner, and people everywhere are going crazy for last minute bargains.
Online shoppers get ready for Thanksgiving, Black Friday, Cyber Monday, Christmas, and New Year's sales. Now is the time to find those perfect end-of-the-year deals and discounts in the stores and online. It's going to be chaos at the stores, and many people will prefer to do their shopping from the tranquility of their homes.
There's absolutely no need to go outside and fight traffic or outpace other shoppers for the last items on the shelves you both desperately want. ^_^ Many people prefer the convenience of making online purchases with just a few mouse clicks and having the package delivered to their front door within days!
Online shopping has gained a lot of popularity over the years, and one must remain vigilant. Cybercriminals will try to take advantage of this shopping period and will prepare all sorts of scams to try and trick you. Scams like social engineering, phishing emails, or spoofed and malicious websites are among the most popular ways to trick unsuspecting shoppers all over the world!
It's important to stay alert and spot the red flags that could indicate scammers at work.
Safe Shopping Best Practices
Below, you'll find some tips that can help you be smart and shop safely during the holidays.
Make sure that the software you're using is up to date.
I'm talking about the OS, browsers, and all the applications you might be using on your endhost. This is not limited to your desktop, of course! Since mobile shopping has become more popular, make sure your mobile devices have the latest patches and app versions installed. In doing so, you'll greatly reduce the risk of running into known vulnerabilities and getting infected by malware.
Don't use free public Wi-Fi for shopping!
Using MITM (Man in the Middle) methods, attackers might be listening in on your communication and intercept the traffic. It is best to use a trusted Wi-Fi connection like the one at your home. If you aren't at home, then I'd recommend that you turn your smartphone into a hotspot to connect your laptop to the internet.
Make sure that your connection is secure!
Identify the padlock icon next to the URL. If it's there, that means that the communication between the client and the server is encrypted. A word of caution: The padlock guarantees privacy between client and server, but it does NOT guarantee that you can trust the website! It might very well be a phishing website designed to trick you into thinking that you are on an "official" website. With that said, make sure that the URL makes sense and isn't some weird wordplay of well known websites. Criminals tend to use fake websites with URLs that are very similar to well known websites.
Use credit cards with online transactions, not debit cards!
Debit cards aren’t covered by fraud insurance policies and provide direct access to the bank accounts they’re linked to. Credit card companies give insurance to buyers if the product isn’t delivered.
Be alert of the information being collected!
Make sure you are aware of the kind of information that's being collected when you make an online purchase.If you're being asked for personal data, like Social Security numbers or password information, then that's a definite red flag!
Be wary about pop-ups and ads in general.
While some of them might seem legit, they are often a way for scammers to trick over-enthusiastic online shoppers into clicking them, and then they can redirect you to malicious websites. Be wary of ads that seem too good to be true and just close them or block them out with an ad-blocker.
Don't trust every email you get!
Phishing emails are used to trick shoppers to go to malicious websites and enter their CC information and/or install all sorts of nasty malware in the process. If you receive a suspicious email from an address you never heard of, with a link to an unknown website, don't open attachments and don't go to the website because it can be malicious. By opening the attachment, you could be installing malware on your device. This is a very popular way that criminals try to steal your information or infect your devices. As in the previous tip, if the deal is too good to be true, then just delete the email.
Avoid unknown websites and only shop on websites that you trust!
That new gaming console might look very interesting when it's being offered for $200 cheaper than on other websites. But, at the same time, that shadywebsite.com will be stealing your CC information when you order something from them!
Avoid using the same password over and over again.
If one of the websites gets compromised then all of your other accounts are at risk as well. Ideally, use a passphrase. They tend to be easier to remember and are nearly impossible to hack! Still having trouble managing different passwords? Then I'd recommend using a password manager tool to help you with maintaining your passwords. There are many available options out there (e.g., Keepass, LastPass, etc.).
Watch out for fake or compromised social media accounts!
Fake or compromised social media accounts post links and too-good-to-be-true ads. Just because it's on Facebook or Instagram doesn't mean you can trust it.
Do some research and check for reviews!
If you are buying on a new website, check for existing reviews. Scammers usually don't have reviews. Look to see if there are other customers that post their experiences with the website.
Your movements can be tracked if you have Bluetooth or Wi-Fi enabled.
While you are within range, malicious users can track your location and could possibly verify your shopping habits and send you targeted advertisements. I would advise to disable Wi-Fi and Bluetooth when you're not using it.
NOTE: This list isn't limited to what I've mentioned above. I'm sure many of you can think of other tips and tricks that could help online shoppers get a much safer online experience!
Don't be shy! Please add your advice in the comments section below!