5 Cyber Security Must-Dos for Safe Holiday Shopping

Photo Credit: Getty Images

From Black Friday to Cyber Monday and beyond, the coming weeks are the peak time for everyone’s favorite holiday tradition—online shopping sales. But all of those digital transactions can draw hackers and scammers looking for an easy steal.

“Cyberattacks are becoming more sophisticated as we speak,” says Babak Forouraghi, Ph.D., chair of the computer science department at Saint Joseph’s University. “You can’t simply install security software on your computer and be protected from every threat. If you do not practice the right habits, you are going to get hit, and who wants to get hit around the holidays?

Still, Forouraghi doesn’t think you should let the threat of online scams prevent you from shopping this holiday season. To ensure the only damage done to your bank account is from your own purchases, follow his five rules of safe online shopping.

Never Trust Email

Around this time of year, you’ll probably be receiving a lot of emails offering special deals from your favorite brands. While those Black Friday discounts can be hard to resist, it’s important to proceed with caution every time you open an email.

“Phishing attempts are very popular, and they are becoming very sophisticated,” says Forouraghi. “You receive an email that looks very authentic, like it comes from a retailer you like or your financial institution.” But watch out — if the email asks you to click a link to update your password or your credit card information, it very well might be a scam, a well-crafted fake designed to steal your critical info.

“Every email is suspect,” says Forouraghi. “I never click links or give personal information.” Instead, always visit the website directly or, better yet, transfer important information over the phone.

Use a Secure Payment Method

It goes without saying that the more defenses you can put between hackers and your bank account, the better. Fortunately, sometimes more convenient methods can also add an extra layer of protection.

“Digital wallet services like Apple Pay and Google Pay are actually very secure,” says Forouraghi. Instead of sending your account number, digital wallet services like Apple Pay send a random encrypted code, called a token, that facilitates payment, so there’s no chance of your financial information being stolen. Forouraghi recommends the additional step of using your credit card, never your debit card. If someone does manage to get to your account number, it’s much easier to cancel a credit card payment than return funds to your bank account.

Don’t Shop Over WiFi

Whenever you use WiFi, information is transmitted through the air to wherever the wireless router is located.

“I do not use wireless in public places to do important transactions,” says Forouraghi. “Anybody who has any technical background can steal those packets of information.”

Your best bet is always a wired connection, although using a wireless router at home should also generally be safe (assuming you trust the people you live with).

Protect Your Passwords

“Many people use the same password across many different online profiles. That is not a good idea,” says Forouraghi. “Once an account gets compromised, you are putting yourself at risk for getting compromised on many different sites.” Once the hacker gets one password, they will seek out your other accounts and try that same password. A relatively harmless hack of your Twitter account could get very problematic if you use the same password for your bank accounts, for example.

To protect yourself, Forouraghi recommends two options:

1. Download single sign-on software, which creates many different, lengthy passwords for each of your accounts and then stores them safely.
2. Create your own excel file of secure passwords for different accounts, then password-protect the excel file.

Monitor Your Purchases

“Credit card companies are very good at flagging certain transactions, but smaller amounts often slip through the cracks,” Forouraghi says. In the glut of purchases during shopping season, those smaller purchases can be especially hard to catch, but they still add up, especially if the scammer is draining your account month after month. To be safe, personally review your bank statements and note purchases that look unfamiliar, regardless of size. If anything looks off, contact your bank before any additional charges can be made.

Want to learn more about protecting yourself or your company from cyber-threats? Check out Saint Joseph’s University’s cybersecurity program today.