NEW YORK: People are increasingly using their smartphones and other devices to get a handle on their shopping. Hackers are on the hunt as well, looking to steal personal information from easy targets.
“People just need to have their radar up, so that ... they’re not clicking on things they shouldn’t,” says Michael Kaiser, executive director of the National Cyber Security Alliance.
Here are some tips for staying safe.
You’d better watch out
Make sure your phone’s operating system and all the apps you use to shop are up to date. That way you’ll have the fixes for any recently discovered security problems.
You should also enable multi-factor authentication in the settings on your important accounts. This is a security measure that requires you to enter a temporary code in addition to your password when signing in” services often text this code to your phone. It complicates life for hackers should they somehow manage to get your password.
Improvements in credit card fraud detection have pushed hackers to focus on stealing legitimate login credentials, so adding an extra layer of protection to these accounts is a must, says John Dickson with the cybersecurity firm Denim Group.
And while some cybersecurity experts question the value of changing your password frequently, Dickson says it’s not a bad idea this time of year.
Hackers are watching
Nobody likes to dip into their mobile-data plan, but you might want to set aside a few gigabytes for your shopping.
Signing on to free Wi-Fi at a store or coffee shop can be risky. Hackers could be lurking on the networks, ready to use that connection to steal credit-card numbers or other personal information. If you’re using free Wi-Fi, at least wait till you get home to check your bank account balances, Kaiser says.
Feast of the phishes
Phishing spikes at this time of year. Emails that offer great deals on holiday gifts or donation pitches from charities could actually be attempts to steal your credit card or login information. Another popular trick: Fake emails supposedly sent by online retailers or shipping companies.
Don’t click on links in these emails, as they may lead you to a fake website that looks legitimate. Instead, type in the company’s website directly.
Checking it twice (or more)
Shoppers need to keep a close eye on their accounts. The easiest way to do this is to use the same credit card for all of your holiday shopping. Avoid debit cards — running up a credit card balance is one thing and can be challenged” draining your life’s savings is another.
Use different passwords for your various shopping accounts. That way if one is compromised, it’s less likely that the others will fall to hackers as well.
Too good to be true?
Websites that advertise hot deals on popular or hard-to-find items are probably scams. So are those touting free or deeply discounted gift cards. Stick with e-commerce sites you know are real. Don’t click on web ads.
And if something advertised on a website or social media looks too good to be true, it probably is, says Brian Reed, chief marketing officer for ZeroFox, a cybersecurity firm that focuses on social media.
Instead of getting a great deal on a North Face jacket or a free iPhone, shoppers are getting their money and personal information stolen.
Also avoid apps that promise to generate gift card codes for various retailers, Reed says. The apps can harm your device. And, if you manage to use a code, you’re committing fraud.
The dangers of IoT
But the lack of security built into many of internet-connected gadgets — whether they be a “smart” thermostat, baby monitor or a talking toy — is becoming an issue. Experts worry that they could be used to breach a home or business network and let hackers access another device that holds private information.
There’s no way to tell from its box how secure any given gadget is, but an online search could fill you in on previously reported problems.
Default passwords should be changed right away, if possible. Do some research to understand exactly what personal information the device is collecting and where it’s being stored or sent.
Down the road, make sure your smart devices get their security updates. That includes your wireless router. If it’s an older model, you’re probably going to need to get them from the manufacturer’s website. Newer models often send updates through apps.
And if your router is really old and not getting updates, you might want to add that to your gift list.
“If that’s your gateway and it’s not secure, then you’re allowing people to get into all of the devices connected to it,” Kaiser says.
