Christmas shopping spree just started. So the scammers are also keeping the engine revving. Ready to take advantage of all those online transactions.
Remember to stay safe online during the spike in spending that occurs this time of year. An ounce of cybersecurity prevention is definitely worth a pound of cure. It can also save you from financial or/and personal nightmares.
Here are some safety tips to improve your Christmas online shopping.
Check for device updates before shopping
Computers, tablets, and smartphones with outdated software are vulnerable. You may not want to wait for a 10-minute iPhone update, but it’s safer.
Hackers often exploit vulnerabilities in a device’s operating system. Updates install patches for known vulnerabilities and mitigate risks. Be sure to install all updates before using your device for Christmas online shopping.
Don’t go to websites from email links
Yes, it’s annoying to have to type “amazon.com” instead of just clicking on email link. But phishing scams hit a record high this time of year
Clicking an email link to a malicious website can initiate an automatic download of malware.
We recommend going directly to the website instead of clicking on any links. Save websites to your browser as shopping bookmarks to make things easier. This is safer than clicking text or email links.
Use a wallet app if possible
Giving your debit or credit card to a website is always risky. If you’re holiday shopping on a website you’ve never purchased from before, your risk is even higher.
Purchase with wallet app or PayPal whenever possible. This eliminates the need to provide payment card details directly to merchants. Instead, it is shared with a wallet app service (Apple Pay, Google Pay, PayPal, etc.). But dealers don’t get them.
Remove All Saved Payment Cards After Checkout
There are many websites (including Amazon) that automatically save your payment card details. This is bad. Yes, it might make your next purchase more convenient, but it puts you at risk. Hackers with access to your device and account can make purchases.
There is also the risk of invasion of merchant privacy. These are common and can reveal sensitive customer payment information. The fewer databases you can store your payment details, the better your security.
You can remove your payment details immediately after checkout. Usually, you have to go to your account settings to do this.
Make sure your website uses HTTPS (emphasize the “S”)
HTTPS is standard for most websites. This is a replacement for “HTTP” without the “S” at the end. HTTPS means that the website encrypts data sent through the website. Such as your name, address and payment information.
Never shop on websites that don’t use HTTPS in the address bar. An additional indicator is the small lock icon in front of the website address.
Check your website URL again
We all make typos from time to time. Especially when typing on the small screen of a smartphone. A typo can lead you to a copycat site (such as Amazonn(dot)com).
Hackers Buy Real-Like Domains for Popular Retailers
Next, set up a mimic page intended to trick users who mistype the URL.
It takes a few seconds to verify that you have accessed the correct website. Do this before you start shopping.
Never Shop online on public Wi-Fi
When you connect your device to public Wi-Fi, you can expect strangers to follow you. Hackers love the holiday season and hit popular public Wi-Fi spots.
They spy on the activities of other devices connected to that same free hotspot. This can give them access to everything you type in. Such as passwords and credit card information.
Do not shop online when connected to public Wi-Fi networks. Instead, turn off Wi-Fi and switch to your carrier connection.
Beware of Forged Emails and Texts
Phishers were very active during the 2021 holiday shopping season. There was 397% increase in misspelled domains associated with phishing attacks.
Phishing is always something to watch out for, but it’s even more dangerous during the holiday season. Attackers know that people expect holiday sale emails from retailers. They also receive a barrage of order confirmations and shipping notifications around this time
Hackers use these emails as templates. It mimics brands such as Currys, UPS, and Amazon. Your email looks almost identical to genuine one. They trick you into clicking on malicious websites and logging into them.
Pay attention to brand identity emails. This is another reason why it’s always better to go directly to a website than using an email link.
Turn on banking notifications and check your account
Phishing Check your bank account regularly. Look for suspicious charges that may indicate a violation. One way to automate the monitoring process is to set up bank notices through your online banking app.
Many banks can set up alerts for events such as:
- When purchases over a certain amount are made
- When purchases are made from outside the country
Is your Mobile Device Secure?
Mobile phone malware is commonly used in Christmas shopping scams. How safe is your device from malicious apps and malware? Contact us today for a security check.