It’s that time of year again! Vacations, food, time with family… And last minute shopping!
Many websites this time of year will be in overdrive with last minute holiday deals and great perks to keep shoppers online and away from the crowds. It’s also the time of year where cyber criminals take to the internet with “deals” of their own to trick and manipulate users.
As we head down the holiday stretch, here are five tips to keep you safe while shopping online:
- Be wary of deals that seem too good to be true. Cyber criminals will use enticing offers and promises of huge discounts around the holiday season to get you to click on links delivered in an email. Always take caution in clicking on links you receive from unfamiliar websites. Criminals use these links to send you to fake websites designed to steal your data (think: credit card information!). If you are unsure of a where a link will take you, enter the website name into your search engine to check for scams.
- Look out for domain squatting. This is when criminals buy up domain names that are similar to the names of real companies with the intent of tricking users into thinking they are visiting a legitimate website. You should always inspect the legitimacy of the URLs you visit online. A common technique of bad actors is to change something very small about a domain name, such as adding or reversing the order of letters, so that users won’t notice they are heading to an illegitimate website. For example, “gookle.com” or “ghoogle.com” instead of Google.com.
- Watch out for phishing attacks. Documents sent via email are one of the easiest ways that cyber criminals take advantage of their victims. This happens when a bad actor sends an email imitating a legitimate business in an attempt to earn their victim’s trust, and convince them to open a malicious attachment or link. Sometimes these bad actors will attempt to “spear-phish” their victims by mimicking a personal contact, such as a friend, employer, or business associate. Keep an eye out for emails that contain vague instructions, or seem out of character from the sender, and always check the email address of the sender to confirm it is legitimate.
- Ensure secure connections to websites. When shopping online, make sure the payment portions of the site are utilizing HTTPS protocol. This insures that the data being transferred between your computer and the website is secure and cannot be compromised by man-in-the-middle-attacks. Most browsers will highlight the “https” portion of the URL in green, and display the word “secure” to the left-hand side of the address bar when this protocol is active. Be very wary of payment sites that do not utilize this protocol.
- Stay away from unsecured Wi-Fi. Avoid making purchases online while connected to public Wi-Fi. Most of these networks are unsecured and can easily be compromised, leaving your data at risk. Turn off the automatic Wi-Fi connectivity feature on your phone to insure that it won’t automatically connect to public Wi-Fi networks.