Fortinet, a global leader in broad, integrated and automated cybersecurity solutions, highlights key guidelines to follow when shopping online.
Individuals and retailers are not the only ones getting ready for the biggest shopping season of the year. The holiday shopping season is also a big event for cybercriminals, Fortinet said. Every holiday season, security analysts document spikes on online criminal activity, ranging from phishing scams, fake shopping sites, and credit card skimming software, to malicious and compromised applications being posted on online app stores.
Fortinet provides a few tips to ensure a happy and secure holiday shopping season.
1. Get Ready
One of the best ways to ensure a safe cybershopping experience is to prepare for it. Start by making sure that devices, software, browsers, and applications have all been patched and updated to the latest versions. Always keep all the passwords under control. Update older passwords with newer ones that are harder to guess but easier to remember. Do not use the same password for different accounts. Lastly, shop with a credit card instead of a debit card. Many credit cards include fraud protection. They can also be turned off without freezing other resources. Also, make sure that the credit card provider alerts the person to suspicious card activity.
2. Go the Extra Mile
It is also important to know that every browser supports secure transactions using SSL encryption. But to be safe, make sure the connection is secure before pushing the “purchase” button. This can be done by looking at the URL bar of the browser and making sure that the address starts with https:// rather than http://. Whenever possible, shop using a VPN (virtual private network) connection. This way, even if a person’s communications are intercepted, they will be useless to cybercriminals because the data is encrypted. For more technical users, consider setting up a VM on the computer just for shopping. That way, if at all it gets infected it will be isolated to the VM and criminals would not be able to access other sensitive data on the device.
3. Shop Safely
Everyone has heard that we should not click on links in an email or on a website unless we know they are safe. However, about 1/3 of users do it anyway. One way to conquer this curiosity is to know where that link leads to. Hover the mouse over a link and you should be able to see the URL either as a pop-up or at the bottom of the email or browser page. Look at it carefully before clicking on it. Does it look normal? Is the name too long or does it contain lots of hyphens or numbers? Is the URL going to the site it claims to link to, or to somewhere else? Does it replace letters with numbers, such as amaz0n.com?
4. Pay Attention
Be aware that cybercriminals will go to great lengths to spoof popular shopping sites. Start by looking at the website design. Most cybercriminals do not have the time or resources to make an exact duplicate of the site they are spoofing, or to develop their own fake shopping site. Next, read the text on the website. Bad grammar, unclear descriptions, and misspelled words are all giveaways that the site may not be legitimate. Finally, make sure the checkout system accepts major credit cards. Avoid sites that require direct payments from the bank, wire transfers, or untraceable forms of payment.
“Today’s cybercriminals are not only technically savvy, they also recognize the latest consumer trends, understand the underlying assumptions shoppers make, and know how to exploit them. By taking the time now to educate ourselves and others, we can have a productive and safe holiday shopping experience,” said Gavin Chow, Fortinet Network and Security Strategist.