With the holiday shopping bonanza right around the corner, Amer Owaida, Security Writer at ESET explains how to make sure your online spending spree is hacker-free
Black Friday is almost upon us and Cyber Monday is just around the corner, which means that most of us will be on the hunt for the perfect bargain. Which, to be honest, we will probably find in abundance, with most online and brick-and-mortar stores trying to either offload inventory or one-up the competition by offering the sweetest deal yet. That said, we need to keep in mind that the pandemic hasn’t blown over just yet, so shopping using your smartphone, tablet or other connected devices is probably safer than pushing and shoving each other at the stores.
However, online shopping carries risks of its own. And while it protects you from getting infected with the nasty coronavirus, you might end up compromising your device with malware – if you don’t keep your wits about you. This can open up a whole other can of worms, such as getting your data locked down by ransomware, or cybercriminals siphoning off your sensitive data to commit identity fraud, or selling it on dark web marketplaces.
Fortunately, you can mitigate the chances of that happening by approaching online shopping with a healthy dose of vigilance, bolstering your device security, and applying proper cybersecurity habits.
Since you’ll be doing your shopping online, the best place to start is getting your internet connection right. You’ll probably be tempted to do your shopping in your downtime and that sometimes involves over coffee or outside; however, public Wi-Fi hotspots aren’t exactly safe. So, doing any kind of operations that include sensitive data such as your payment information is a big no-no. Your device could get infested by malware, or your sensitive data could get pilfered. Limiting your online purchases to safe and familiar internet connections is better, so your best bet is to either use your phone’s data plan or by connecting to your home Wi-Fi network.
Your home network security shouldn’t be underestimated either. If you haven’t touched the security settings of your router since its out-of-the-box installation, now would be the proper time to set it up properly. However, people are busy creatures and have errands to run throughout the day, so they might sneak in a bit of online shopping here and there. So, if you still want to do that on a public hotspot, use a virtual private network (VPN) so that you can shield your traffic and do your shopping safely.
Secure your device
As you may be doing much of your shopping from your smartphone, just for convenience’s sake, securing it should be a no-brainer. However, a significant number of people still consider their smartphone to be just a phone rather than a pocket-sized computer that they haul around every day in their pocket and use to execute all kinds of tasks. That being said, they underestimate how much personal data is stored on these devices, ranging from photos and personal information all the way to payment cards housed in their electronic wallets that they use to pay for their shopping.
Therefore, these devices need to be protected as well. That’s where a reputable security solution comes in – these are well equipped to protect your device from getting infested by all manner of malware as well as go a long way toward protecting you from malicious activities carried out by threat actors, such as phishing attempts or sending you malicious links. You should also consider securing your device by adding lock screens that are a combination of both biometric locks and passphrases.
Protect your payments
You should think about protecting your chosen payment methods as well. If you’re wondering where such a feature can be found, well that tracks back to using a reputable security solution on your device. Fully-featured solutions usually offer a payment protection feature that adds an extra layer of protection for your banking and payment applications. This protects you from any enterprising scammers that would try to intercept your payment information either in the form of phishing campaigns or other threats.
The payment protection feature will protect your banking and payment apps by shielding them from malicious applications that may have infested your device, and preventing them from replacing information or reading on-screen information from your protected applications. Additionally, you should be able to add applications that you think should be protected by this extra layer of security. Another supplemental security feature that should be used whenever a payment is involved is multi-factor authentication, preferably using an authenticator app or security token.
The shopping season is usually ripe with bargains of all sorts, especially during Black Friday and Cyber Monday, where shoppers will be on the lookout for the perfect price drop. It’s also the favorite time of year for scammers that will be banking on consumers to drop their guard and be at their most gullible since some shops may offer truly ludicrous sales. However, one thing that withstands the test of time is the often-repeated rule that if anything that sounds too good to be true usually is.
So if you perchance stumble upon ads that rub you the wrong way or are inundated by pop-up banners that feature 90% discounts of luxury brands, you should probably avoid those. If you click on them you might be redirected to a phishing or fake website that will try to harvest your sensitive information including your payment data or lead you to download malware to your device; either way, the only one getting a bargain will be the scammer. To avoid falling victim to such scams your best option is to stick to legitimate marketplaces and authorized platforms that you can trust.
In conclusion, while on the hunt for the best bargain you should never let your guard down and remain vigilant at all times. Look out for telltale signs of scams, like misspelled advertisements and dubious marketplaces that may look like the real thing at first glance but are fake once you scrutinize them a bit more – prices might be off, or the web address looks wrong.
And don’t forget to apply other fundamental cyber-hygiene practices, such as keeping your device and operating systems updated with the latest security patches, having your devices protected using onboard security features and security software, and don’t forget about strong passphrases and enabling two-factor authentication. All of this might make the festive season all the safer and more enjoyable and protect you from a possible scam-induced headache.