Top 5 Cybersecurity Holiday Shopping Tips

Top 5 Cybersecurity Holiday Shopping Tips

As we enter the holiday shopping season at full speed on Friday, with many places as early as Thursday, we will be spending more money as a society. Thieves, criminals, and malicious hackers know this and are standing by to steal your purchases and your data. This blog post is meant to act as a preliminary guide to help you stay safe. We encourage you to share this with all your friends so everyone is aware and has a happy holiday season.

1. Physical Security

Premise

Criminals will be looking for opportunities to physically steal items. This could be items you’ve bought or your financial information, such as checks, cash, and credit cards. They will be watching for opportunities in crowded parking lots, when they have the chance to blend in and loot your car or even steal it.

Mitigation

Try to park in well lit areas. Keep your phone and keys nearby. You may want to carry a small canister of pepper spray. Shopping in pairs or teams will help to allow one person to unlock the car while the others remain alert to the surroundings. Place all valuables out of plain sight. If you fall victim to theft, immediately report it to the police and any financial institutions that issued anything that was stolen.

2. Online Shopping

Premise

This is problematic year-round. This is a period of increased scams, malware links, and more active attempts to compromise websites and/or fool the users into clicking bogus links.

Mitigation

Ensure you shop on reputable sites: Amazon, Wal Mart, Target, etc. Ensure that you are on an HTTPS vice http site so that it is encrypted. If a deal seems to good to be true, it probably is. Be wary of what you click and what people tag you in on social media. Ensure that your malware protection is up to date. Consider using something like PayPal for online transactions with smaller retailers. Do not shop online using public or non-secured Wi-Fi, people can easily sniff and capture your information.

3. Credit Card Safety

Premise

This is a time when people have their credit card numbers and information stolen.

Mitigation

Review your statement and account information often. If you find something out of the ordinary or something that does not make sense, call the card issuer. Dispute charges that are not yours. You are only liable for the first $50-500 depending on the issuer IF YOU USE CREDIT vice DEBIT. Shred all credit card related documents. You may also want to consider Google Wallet or Apple Pay if you have a device that supports it.

4. Credit Reporting

Premise

If someone successfully steals your identity or any information that could be used to do so, they will likely try to take out credit cards or loans in your name. You may or may not receive the documents. There is little you can do to find out about this aside from checking your credit reports.

Mitigation

You should already be checking your credit report regularly. This is a good time of year to check. You can use sites for the bureaus: TransunionEquifax, or Experian; or you can use sites that monitor all three bureaus like Credit Score CompleteCredit Karma, or True Credit. If you find a discrepancy on your report, contact the organization that granted the credit and your local authorities.

5. Oversharing Information and Social Engineering

Premise

We will all be taking pictures with our families. We will probably be posting them to social media. Depending on your security settings, this could be viewed by outsiders. They could have the intent of social engineering you to gain information to steal your identity or other nefarious purposes. Pictures of children are frequent targets for predators seeking child porn.

Mitigation

Before you post, review your security settings. I highly discourage you from posting global or publicly visible posts. When/if you receive a friend request from a random person, decline if you don’t know them or have few people in common with them. Additionally, be cautious with any requests for information, namely:

  1. Parent’s Names and/or Maiden Names
  2. Schools you attended
  3. Cars that you’ve owned
  4. Childhood friends
  5. Other possible sensitive information that could be used to compromise your accounts

Other Relevant Articles:

Potential Amazon Password Leak
Top 5 Cybersecurity Threats in 2015
Top 5 Cybersecurity Myths that May Surprise You
Experian (includes T-Mobile)
Scottrade
Trump Hotels
Tesla and Chrysler (unrelated to each other)
Apple App Store
U.S. Office of Personnel Management (OPM)
Kaspersky & FireEye (unrelated to each other)
Excellus Blue Cross Blue Shield
Ashley Madison
Ashley Madison (follow up)


Thanks for stopping by and reading our blog. We would appreciate if you could subscribe (assuming you like what you read; we think you will). This is meant to be informative and to provide value to anyone who reads this – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

Be sure to subscribe to this blog and to our Podcast.

If you have ANY Cybersecurity needs, please contact us and a member of our staff with promptly reply to your question or concern.

Remain Vigilant this Shopping Season

 


Enter your email address:


Delivered by FeedBurner


Subscribe to our mailing list

* indicates required







About Joe Gray

Joe Gray is a native of East Tennessee. He joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Since leaving the Navy, Joe has lived and worked in St. Louis, MO, Richmond, VA, and Atlanta, GA. His primary experience is in the Information Assurance (IA) and Cyber Security compliance field. He has worked as a Systems Engineer, Information Systems Auditor, Senior UNIX Administrator, Information Systems Security Officer, and Director of IT Security. Joe is in pursuit of his PhD in Information Technology (with focus in Information Assurance and Security). His undergraduate and graduate degrees are also in Information Technology (with focus in Information Assurance and Security) from Capella University, where he graduated Summa Cum Laude for both degrees and completed a Graduate Certificate in Business Intelligence. He also is a part-time (Adjunct) Faculty at Georgia Gwinnett College. Joe holds the (ISC)² CISSP-ISSMP, GIAC GSNA, CompTIA Security+, CompTIA Network+, and CompTIA A+ certifications. In his spare time, Joe enjoys reading news relevant to information security, blogging, bass fishing, and flying his drone in addition to tinkering with and testing scripts in R and Python.