The holiday season is here, and that means consumers will be opening their wallets to gear up for parties, gift exchanges, and family gatherings— and an increasing amount of this spending is being done online. A survey conducted by UPS found that 2016 marked the first year where consumers reported making more purchases online than they did offline, at 51%; this is up from 48% in 2015 and 47% in 2014.
It’s easy to understand why so many of us have embraced online shopping: It’s easy, convenient, and far less stressful than cramming into a crowded mall or lining up outside a store at 3 a.m. in eight-degree weather. Unfortunately, online shopping has also opened up consumers to cyber crimes. While consumers scour online shopping sites for deals on gifts and Christmas decor, cybercriminals lurk behind the scenes, ready to harvest credit card information and personal data.
I spoke with Santosh Varughese, President and CEO of Cognetyx, about what consumers can do to stay safe from cybersecurity threats while shopping online. Here’s the insight he shared with me:
1. Make Sure Your Devices Are Up To Date And Have Anti-Virus Protection
The first step to protecting yourself from cyber crimes is to ensure that all of your devices, whether a desktop, laptop or cellphone, are kept up to date. New cyber threats emerge daily, and OS and software updates often can address them. This includes updating your web browsers—something that’s easy to overlook.
No computer should be without anti-virus protection (not even Macs). Preferably, your anti-virus software should include additional cyber attack protection, such as firewalls and spam filtering.
2. Secure Your Home Network
Most people don’t change the default passwords their devices are shipped with. These default passwords are widely available online. Armed with this information, hackers are able to take control of peoples’ routers and other smart devices, often without their knowledge, that are then used to launch a massive cybersecurity attack.
- If you have not yet changed your router’s default password, do so immediately, as well as the default passwords for your smart TV and any other smart devices in your home. Hackers can use ‘unsecure these devices’ to break into your network and make their way to your computer.
- Ensure that your wifi network is secured with WPA2 and requires a strong password for access. Change the default password your internet provider assigned you when your internet service was first connected.
3. Stick With Known Retailers And Double-Check URLs
Sticking with popular and reputable e-commerce sites, such as Amazon, Walmart, or eBay, is always a good practice. However, it is incredibly easy for hackers to set up a phoney version of a legitimate retailer’s website, so always check to make sure you are accessing the website you think you are:
- When in doubt, use an online fake website detector.
- Beware of buying from sites with domains that end in “.org”, “.tv”, and other extensions that are almost never used in e-commerce.
- Look for a “green lock” indicator directly to the left of the URL. If this is missing, this means the site does not have a high level of security that has been guaranteed by a known entity such asVerisign or Symantec.
- Make sure that the website’s address begins in “https,” which indicates that the website is secure and the information provided by you will be encrypted.
- Double-check the site’s URL for minor variations in spelling.
- Type in the URL by hand or use your browser bookmark; never follow links from social media posts, emails, or SMS messages.
4. Be Careful Using Mobile Shopping Apps
Mobile internet access is exploding, with mobile representing over 65% of all digital media time – and apps are being used more often than mobile websites. Mobile analytics company, App Annie, reported that consumers spent a whopping 80 million hours on mobile shopping apps in the week leading up to Black Friday this year. Shopping apps are convenient and often offer better functionality on a mobile device than a website. However, just as hackers can set up phoney websites, they can also build fake shopping apps, so follow these precautions:
- Download shopping apps only from reputable sources, such as the Google Play Store or the Apple App store.
- Before downloading an app, read the reviews and comments to see if anyone else noted something suspicious – or if the app has nothing but glowing reviews that sound like they were all written by the same person.
- Don’t just click “I agree” without reading what permissions an app asks for. Read them carefully, and if you see something that bothers you or that doesn’t make sense, such as if the app wants to access your contacts, don’t allow it to do so – or discontinue the installation.
Additionally, you should always log out of online shopping (and banking) apps completely after you are done using them, and don’t let your mobile device store any of your passwords or payment information. Enable a passcode on your phone or tablet in case your device is stolen.
5. Pay Safe
When shopping online, payment methods matter:
- Never pay for an online purchase with a wire transfer; this is a favorite method of scammers.
- Avoid paying with debit cards or e-checks, as this could tie up the money in your bank account during a dispute. Use a credit card with strong fraud protection or a Paypal account that is linked to one.
- If you don’t have a credit card, use a prepaid debit card.
Additionally, you should never access your bank account, make purchases, or transmit any other sensitive data over public wifi networks, such as those found in hotels, airports, and restaurants. If you need to buy something or access your bank account while on the go, set up your mobile phone as a secure wifi hotspot and tether your computer to it. Make sure that you set up the tethering using a secure password and WPA2 security, and turn off the tethering capability when you are finished using it.
6. Consider Using a VPN
For extra protection when shopping or banking online, consider using a VPN, or a virtual private network. A VPN creates a secure, encrypted connection between your computer and the VPN provider’s server, allowing you to make purchases and access your bank account even on an unsecured or public wifi connection. This prevents anyone from intercepting your activity in a man-in-the-middle attack. Using a VPN is easy and requires no additional hardware, and any desktop, laptop, or mobile device can use a VPN. There are multiple VPN services available; some are free, while others require a paid subscription.
Shopping apps, “deal” websites, one-click checkout—the same technological advances that have made online shopping so easy have also made it possible for hackers to compromise the networks of even the biggest retailers. But by taking proactive steps to protect yourself and your personal data, you can keep cyber criminals from spoiling your holidays.
Featured photo credit: Shutterstock via shutterstock.com