8 Holiday Cybersecurity Tips to Keep You Safe

'Tis the season to be wary!

Every year, the holiday season features at least one retail data breach. This year, especially with the unstable status of the pandemic, people are turning to online shopping for their holiday plans. With the increase of online shopping, cybercriminals have ample opportunity to attack vulnerable people looking to gift shop.

A report from early this year from the Federal Trade Commission found that consumers reported losing more than $3.3 billion to fraud in 2020, up from $1.8 billion in 2019. Nearly $1.2 billion of losses reported last year were due to imposter scams, while online shopping accounted for about $246 million in reported losses from consumers. Individuals are not the only ones at risk, however, businesses are equally vulnerable with arguably more to lose. Protect your personal information and keep a vigilant eye over your data.

Fortunately, many cyber-threats are avoidable through caution and cultivating good habits. Check out our tips below for strengthening your online security!

Here Are 8 Tips to Strengthen Your Cybersecurity for the Holiday Season:

1. Use secure connections.

Make sure your home Wi-Fi is secure by enabling strong encryption with a strong passphrase, limiting who has access to your home network. When not at home, don't make purchases while connected to public Wi-Fi, use a virtual private network (VPN) or your phone as a hotspot instead. Check to make sure you're shopping on a site that uses SSL protection. The easiest way to tell is to check your browser's address bar. Look for https:// (not http) in the address bar before using your credit card online. Sites without the s are not safe to submit payment information or other personal details.

2. Monitor statements & use credit cards or third party payment vendors.

Keep track of your purchases so you can immediately spot if there is a discrepancy. Make use of any text and email alert systems your bank or credit card company might offer. Instead of debit cards, use credit cards to reduce liability if the transaction is compromised. Alternatively, you may also consider using a third-party payment vendor that will also protect your primary funding source. Common vendors include Venmo, Google Wallet, Paypal, and Amazon Payments. In the event that these services are compromised, only the transaction will be affected. The credit and debit cards, or account info, remains protected. 

3. Beware of rampant seasonal scams.

Fake package tracking emails, fake e-cards, fake charity donation scams, and emails requesting that you confirm purchase information are particularly common this time of year. Use known, trusted URLs instead of clicking on links. Watch out for charity scams that try to convince people to donate their money for "holiday spirit." Even if a familiar brand pops into your inbox asking for your money, skip the risk and visit their website or call them directly to learn more.

4. Be cautious of your email inbox and SMS phishing.

Between holiday messages, sales, end-of-year newsletters, etc. cybercriminals use volume to their advantage. Impersonation, identity theft, chargeback fraud, and account takeovers are some of the easiest ways for attackers to gain access to your information. Even if they appear to be from people you know, legitimate organizations, your favorite retailers, or even your bank, messages can easily be faked. 

Use known, trusted URLs instead of clicking on links. Remain wary of emails with pictures in attached files, as they may contain malware. Verify any requests for personal information by contacting them through the information on their official website. If you are requested to act quickly, or there is an emergency, it is likely a scam. Attackers create a false sense of urgency to take advantage of knee jerk reactions and panic.

5. Make strong passwords for new accounts.

Often, websites will ask us to create a new account for a discount or to track our order status. In these cases, be careful about creating a strong password. This time of year is when attackers are most eager to capitalize on our impatience. Even if you will never use this account again, it is no excuse to have a weak password. To create a strong password, combine letters and numbers instead of just letters, and opt for longer phrases instead of simple words. Never use passwords with words that could be easy to figure out with the right snooping, such as your birthday or mother's maiden name. 

6. If it sounds too good to be true...

Don't be fooled by the lure of great discounts by less-than-reputable websites or fake companies. Don't trust sites that offer you a lower price on a name brand good or other items like concert tickets and travel packages. Unfortunate as it may be, it is quite easy for criminals to fake reviews and testimonials on their site to gain your trust. Use only the direct sites of retailers you know and trust, and get to their sites by directly typing a known, trusted URL into the address bar instead of clicking on a link whenever possible. Also verify if an unknown website has a legitimate mailing address and a phone number for sales or support-related questions. If the site looks suspicious, call and speak to a human.

7. Review privacy policies.

Know what information the merchant is collecting from you. Though you may be tempted to click the "I agree to the terms" box without actually looking at the terms, give them a once over so you know exactly what you are going to agree to. Know exactly what data is collected, how it is stored, how it is used, and if it will be shared with others. You don't want to be saddled with the liability because you didn't bother to read the small print.