By Agnes Kirk
Washington State Chief Information Security Officer
If you're like me, shopping is increasingly becoming an online experience.
Don't get me wrong, I still love going into stores and browsing. But like most shoppers nowadays, I also visit stores online. A recent UPS survey found that 52 percent of purchases are now made online, up from 47 percent in 2014.
Unfortunately, hackers are taking advantage of this trend and victimizing shoppers.
Being aware of the risks and knowing how to take appropriate action is important. One wrong click while shopping online this holiday season could make you vulnerable to hackers wanting to steal your identity and access your financial accounts. They could even encrypt all the information on your hard drive and demand a ransom to get it back.
The bad guys who want to steal your information are constantly getting better at what they do. It's no longer sufficient to install anti-virus software on your computer and call it good.
Here are six ways to help protect yourself while shopping online during the holidays:
- Use one credit card for all online purchases: Credit cards are safer than debit cards for online purchases. The Fair Credit Billing Act protects credit card use, and using one card limits the potential for financial fraud to affect all of your accounts. Even so, check your statements regularly.
- Don't use the same login and password for all your accounts. Make sure the passwords you do use contain several words or a long phrase.
- Add a layer of security by requiring another form of identification-in addition to a login and password-to gain access to your accounts. Many companies, like Google for example, allow a "two-step" authentication that involves sending a code to your phone by text in order to login.
- Don't trust your email. Seriously. It's becoming increasingly difficult to distinguish phishing attempts by hackers from legitimate messages. (Including those sent through social media) If a message contains a link to a web page offering a great deal, do not click the link. Go to the company web page directly. Also, never open attachments, unless you are expecting it and know the sender.
- Look for "https" in the internet address (URL) when making an online purchase. The "s" in "https" stands for "secure" and shows that communication with the webpage is encrypted. This helps ensure your information is transmitted safely to the merchant and no one can spy on it. You can also look for the lock symbol (sometimes it's green) in the internet address bar.
- Do not use public computers or public wireless internet access for your online shopping. Public computers and wireless networks can contain viruses and other malware that steal your information, which can lead to identity theft and financial fraud.
You can find more tips about how to stay safe online at cybersecurity.wa.gov or download this flyer.
Sincerely,
Agnes Kirk, Washington State Chief Information Security Officer
Ph: 1.888.241.7597 or cybersecurity@ocs.wa.gov