As we all work through our holiday gift giving lists this "Cyber Monday," it's important to be cyber aware of "the Grinch" lurking in the corners waiting to steal our confidential information. So, before you begin to cross the names off your list while experiencing that great sense of accomplishment, take a few moments to read through these "cyber shopping" best practices to protect yourself and your personal identifiable information (PII). Nobody wants to spend the holidays recovering their data or identity.
Cyber Monday Practice #1 - Website Plum Pudding
While choosing to do your shopping online, one of the first things you need to ensure is that the websites you're clicking "checkout" on are legit and well-known websites. To understand if they are, pay attention to these signs:
- Many fraudulent websites will use names similar to the well-known brands (ex. Nike, Calvin Klein, etc.) but have a mispelling or additional word (ex. walmartdiscounts.com instead of walmart.com).
- There is no 'Contact Us' page or contact information. Companies that are selling items always have a way in which to provide answers to questions or inquiries.
- Ensure that the login, create account, and payment pages are all secure. Secure websites will have the HTTPS: vs. just HTTP: however, do note that cyber criminals will often use SSL (Secure Socket Layer) certificates these days on their malicious websites - do not simply trust a website because the URL contains HTTPS.
Cyber Monday Practice #2 - Sales Offer Email Fruitcake
As a result of "Cyber Monday," you will receive many emails from various online retailers sharing sales, discounts, and offers. Before clicking on the links within the emails, verify that the following is in place:
- Instead of clicking on the email link, go directly to the seller’s website and enter the domain. Do not trust links sent to you in an email or found in an ad. Also, be wary of smartphone apps that you are not familiar with; these can be compromised as well.
- Ensure that you recognize the 'from' address and that it matches the website domain URL. Oftentimes, fraudulent emails will have mismatching or mispelled 'from' email addresses.
Cyber Monday Practice #3 - A Credit Card in a Pear Tree
Now that you've established the email you received was safe and you clicked on it to be brought to a safe website domain, you're ready to make your holiday purchases! But, wait, how are you going to make that purchase?
Instead of using your debit card that links directly to your bank account, use a credit card. Although nobody likes to carry a credit card balance, it's important to protect your bank account from holiday slime.
Think of it this way, if your debit card is breached, you will have to freeze the card and stop payments within your bank account while trying to dispute each errant charge (this can take a while and incur more fees). In the meantime, you can't pay your bills, go out to lunch, go to the ATM for cash... you name it. This is not a situation you want to be in over the holidays. With a credit card, it's much easier to dispute charges (a credit card company will always fight back for its money) and close the account without having to put your life on hold as well.
Cyber Monday Practice #4 - WiFi Sleigh Ride
While you go ahead and take advantage of "Cyber Monday," there's one last rule of thumb to follow to protect your information. Make sure that when you are ordering gifts online, you are not doing so over public WiFi—order online from home.
It may feel great to purchase items online while enjoying a Grande Soy Mocha Latte at the local coffee shop, but take our word for it; your credit card may be taken for a spending sleigh ride if you do.
Keep these best practices in mind while holiday shopping this year. After all, this is supposed to be the "most wonderful time of the year."
To learn more about how Systems Engineering can help your organization prevent stolen PII, email firstname.lastname@example.org or call 888.624.6737.