Halloween is over, which means the holiday shopping has likely already begun! Your friends in the technology department want to make sure you have the tools to navigate online shopping this holiday season. Adobe’s Holiday Shopping Report of 2021 claims that e-commerce is expected to reach over $200 billion for the first time. The pandemic certainly influences these expectations as well; it's just easier. Unfortunately, this likely means that cybercriminals will also reach new records this year. A year ago, Experian put out an article stating that 25% of people who responded to their survey fell victim to identity theft/fraud over the holidays. One in five have experienced pandemic-specific scams. We want to look at supply chain issues, payment best practices, scams, preventative security, and more.
“Supply chain,” a phrase increasingly used this year to describe a lack of inventory and pricing inflation. We’ve experienced supply chain issues for a bit over a year in the technology department. My concern is that the supply chain issues could cause our community to seek inventory at unfamiliar stores. If you don’t know the store that says the item you want is in stock, please research before giving them any banking information.
Payment Best Practices
In a recent NJ Cybersecurity and Communication report, they warned of possible Magecart and online skimming attacks. “Magecart attacks are a type of web-based data skimming operation used to capture customer payment card data from the checkout pages of online stores,” according to NJCCIC. As consumers, we trust that the companies we use for e-commerce are doing everything they can to combat magecart attacks.
Here are some ways to make sure you are more secure:
- Use credit over debit. Debit is accessed right into your actual bank account.
- Never save payment information to websites.
- Use digital wallets that provide you with extra transaction security.
- See if your bank offers “virtual credit cards.”
- Enable payment notification on all accounts. This will help identify fraudulent transactions quicker.
I strongly recommend that you use credit instead of debit when making online transactions. A criminal that gets ahold of your debit card information has direct access to your actual money in your bank account. LifeLock suggests going a step further and looking into a virtual credit card that some banks offer. This acts as your card for online transactions but hides your actual credit card number. They also recommend using some form of a digital wallet, such as Apple Pay, Google Pay, or Venmo, as “this can increase your transaction security.” (LifeLock)
Scams are all around us, and I’m sure you have had a few on your cell phone this week alone.
Be careful of the following types of scams this holiday season:
- Charity Scams. Know who you are donating to and where you are donating.
- Unsolicited email and coupons. Go directly to the site and type the coupon code, avoid the link.
- Black Friday phishing scams. Be prepared!
- Shipping Scams. Keep an eye out for scams telling you your package is delayed or asking for payment information to fix the issue.
Be extra cautious of unsolicited emails from companies with coupons or discounts just for you. If you do get an email such as that, refrain from clicking on the coupon link and go directly to the company’s website and purchase using the coupon code. These emails can easily be spoofed, and clicking on a link within could send you to a fake site full of malware. If you do click on the link, be careful logging into your account. Be on the lookout for charity scams as those become popular around this time of year. Research the charity you are looking to donate to before sending them money. Be wary of shipping scams, as the criminals are banking on the idea that you probably ordered something, and it hasn’t arrived yet.
There’s an old adage that is attributed to many different people—it certainly did not come from me. Still, it goes like this: “The best defense is a good offense.” I’m certainly not implying that we all team up and go after cybercriminals, but I suggest that we put plans in place to make sure our accounts are secure on the internet.
- Reset your password and make sure it's as complex as you can remember.
- Set up two-factor authentication whenever possible.
- Look into a URL extender if you notice shortened URLs that look phishy.
- Shop from home. Avoid free or public Wi-Fi.
- Avoid public charging stations. Use your own phone or laptop charger in an outlet.
Social media will let you know all of the trends and blockbuster holiday gifts. However, be aware of shortened URLs in social media posts as they can go to malicious websites. Many companies have software called “URL Expanders,” which will take a shortened URL and give you the actual location that it is going to. When it comes to hyperlink text, simply hover your mouse over it and ensure it's a destination where you are trying to go. Look into creating a password that is a random phrase that is harder to crack and easy for you to remember. Please don’t use names or birthdates. Set up two-step authentication, which will send a message to another device to double-check that it is, in fact, you who is logging in and not someone else. Free Wi-Fi isn’t always free and isn’t always secure. It’s safer to do your online shopping from home. Some charging stations have malware hidden inside. As tempting as it is just to plug in your device to an accessible station, try to use your own brick and cord.
The internet is a great tool, but it can also be a scary place. While I worry daily about cybersecurity and the cyber safety of the Far Hills community, I hope I can pass along some helpful information so that you don’t need to worry as much. Setting yourself up for a good foundation of protection and keeping an eye out for things that look off is a great first step. If something looks too good to be true on the internet, it usually is. Please don’t let this deter you from online shopping altogether but bring awareness to staying secure. Be safe and have a wonderful time holiday shopping online or offline.
Additional recommended resources: