Posts

6 More Holiday Shopping Tips

My goal is to not enter a single mall this holiday season. If I can do the majority of my holiday shopping at trusted online retailers, and the rest at Costco, then I’ve done well. To me, malls seem to be places for people with lots of time on their hands to drive around looking for parking spots and then stand in line with other people who apparently all enjoy being annoyed by each other’s pushiness. But maybe that’s just me.

Keep safe and sane this holiday season:

1. Look for indications of online security. Depending on your browser, there may be an icon of a yellow lock at the top of the window, near the address bar, or at the bottom, near the taskbar. If the website is secure, the yellow lock should be closed. Some browsers use a color coding system, displaying red to indicate that a website is not secure and may potentially be infected, or green to indicate that it’s okay.

2. Update your operating system. If your computer’s operating system is out of date, it may invite trouble when heading out to the wild, wild web. Go to your security center to download the latest critical security patches.

3. Update your browser. While your operating system may be up to date, which would mean that Internet Explorer is most likely up to date as well, if you are using Chrome or Firefox, you may need to update manually. Select “About” in your browser’s toolbar to check for updates.

4. Protect your computer with antivirus software. Antivirus protection that includes a firewall will, in most cases, shield you from “drive by downloads” and other malware. Even a major online retailer with a secure website can be vulnerable to criminal hackers.

5. Beware of phantom websites. Criminals love to pull the wool over unsuspecting eyes. One technique is to use “black-hat SEO” to place fake websites at the top of organic search results. Customers who attempt to make purchases via these fake websites are unknowingly transmitting credit card numbers directly to the hackers, and it’s safe to assume they’ll never receive the products they believe they’ve purchased.

6. Check credit card statements often. I still have to search the Internet for the names of unfamiliar retailers that appear on my credit card statements with unauthorized charges. Check your statements online weekly, and refute unauthorized charges within 60 days.

Most major online retailers are already using multiple sophisticated fraud prevention procedures to protect you. Oregon-based iovation Inc. is one hot technology company offering a device reputation service that alerts businesses to suspicious behavior such as someone attempting to hijack your account or use your stolen credentials (and  many others’) to steal from online businesses.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses credit and debit card fraud on CNBC. Disclosures

Tips to Keep Your Online Shopping Secure

With Christmas coming fast, this is a last ditch effort to enlighten, empower and protect online shoppers.  The abridged source of the following information is from the National Cyber Alert System by US-CERT, a government organization.

How do attackers target online shoppers?

  • Targeting vulnerable computers – If you do not take steps to protect your computer from viruses or other malicious code, an attacker may be able to gain access to your computer and all of the information on it.
  • Creating fraudulent sites and email messages – Unlike traditional shopping, where you know that a store is actually the store it claims to be, attackers can create malicious websites that appear to be legitimate or email messages that appear to have been sent from a legitimate source.
  • Intercepting insecure transactions – If a vendor does not use encryption, an attacker may be able to intercept your information as it is being transmitted.

How can you protect yourself?

  • Use and maintain anti-virus software, a firewall, and anti-spyware software.
  • Keep software, particularly your web browser, up to date – Install software updates so that attackers cannot take advantage of known problems or vulnerabilities.
  • Evaluate your software’s settings – The default settings of most software enable all available functionality. Apply the highest level of security available that still gives you the functionality you need.
  • Do business with reputable vendors – Before providing any personal or financial information, make sure that you are interacting with a reputable, established vendor.
  • Take advantage of security features – Passwords and other security features add layers of protection if used appropriately
  • Be wary of emails requesting information – Attackers may attempt to gather information by sending emails requesting that you confirm purchase or account information.
  • Check privacy policies – Before providing personal or financial information, check the website’s privacy policy.
  • Make sure your information is being encrypted – Many sites use SSL, or secure sockets layer, to encrypt information.
  • Use a credit card – There are laws to limit your liability for fraudulent credit card charges, and you may not have the same level of protection for your debit card.
  • Check your statements – Keep a record of your purchases and copies of confirmation pages, and compare them to your bank statements. If there is a discrepancy, report it immediately.

Robert Siciliano personal and home security specialist to Home Security Source discussing Cyber Monday on the Mike and Juliet Show.