December 5, 2016

Stay Cyber Safe This Holiday Season

This holiday season, over 50% of shopping will be conducted online - creating prime opportunities for malicious cyber actors to target unassuming consumers. Learn how to stay cyber safe from phishing scams, fraudulent websites, malware and social engineering campaigns, and other cyber-crime tactics. Malicious actors will continue to evolve and their attacks only grow more successful at targeting your sensitive data. 

Any time you get online you assume some risk, but here are our Top 7 Tips to stay cyber safe, secure your sensitive information and avoid even the  craftiest hackers.


1.     Do Not Use Public WiFi. Think free public WiFi is convenient? So do hackers! The lack of authentication required to establish a network connection provides hackers with unrestricted access to unsecured devices on the same network. Hackers can position themselves between you and the connection point - and access all of the data you're sending out on the Internet: sensitive personal data, important emails, credit card information and even security credentials to your business network. Once the hacker has that information, they can access your systems at any point. An unsecured network could be full of compromised machines or contain viruses and malware that pilfer your information and can lead to identity theft and financial fraud. 

2.     Use Strong Passwords and Two-Factor Authentication. Using a strong, unique password is one of the simplest and most critical steps in securing your devices and online accounts. Always use at least 12 characters, with numbers, special characters, and upper and lower case letters and don't reuse passwords across sites. Consider implementing two-factor authentication both on your devices, and on all your online sites, as even the strongest passwords are vulnerable to algorithms hackers employ during brute force attacks. If a site gets hacked, your password will be exposed.

3.     Secure Your Devices. Consistently keeping your operating system, software, and apps updated and patched on all of your devices is critical to your basic online security. Unpatched systems or devices can leave the door open to malware and flawed websites, email providers, media players and instant messaging programs, which can allow malicious websites to infect or compromise by simply viewing or listening to the media, website, or message.

4.     Know Your Websites. Malicious or fraudulent websites are particularly prevalent this time of the year. To avoid these scams, limit your online shopping to websites you're familiar with and trust. If you're unsure about a merchant or website, check with the Better Business Bureau or the Federal Trade Commission. If available, check the website's physical address and phone number in case you have issues. Avoid creating accounts across multiple online sites, especially where your personal and sensitive information is being saved.

5.     Confirm the "https" Before Making A Purchase. Https indicates that communication with the website is secure and encrypted. This helps to ensure your information is transmitted safely to the merchant and no one can spy on it. Alternatively, confirm the (often green) lock symbol in the Internet address bar.

6.     Use a Credit Card. Using a credit card to conduct online shopping limits your liability if your information is stolen or improperly used. Debit cards generally do not have the same consumer protections as credit cards. By using one credit card for all your online shopping you also limit the potential for financial fraud to affect multiple accounts. Establish alerts with your credit card company to receive SMS and emails when any purchases are made and the credit card was not scanned. Also monitor your credit accounts for "microcharges" on your credit card - often this can be a hacker testing cards to see if they are valid by charging very small amounts.

7.     Be Cautious of Email Deals. Many of the digital ads in your inbox are legitimate, but some can be part of a phishing scheme targeting your data. Ensure you are familiar with the company or entity sending the ads and if a deal seems too good to be true, do not click the link - manually enter the website name into your browser.

Photo: Luis Llerna