Secure online shopping
The pre-Christmas shopping rush is likely to be limited, as social distancing is the order of the day. That's why retailers and customers are increasingly turning to online shopping. But caution is advised!
Online shoppers strike especially around Black Week in the run-up to Christmas. Malwarebytes security researchers recommend the following measures customers should take during online shopping to protect themselves from cyberattacks:
- Beware of mails with spelling errors and HTTPS certificates
Be suspicious of unknown senders in e-mails. Especially if you are asked for credentials and/or offered unfamiliar links. Although spelling errors don't always have to be a sign of fraud, most companies use proofread templates, so mistakes are rare. Also, the HTTPS communication protocol is not a guarantee that a website is trustworthy, but only that entered data cannot be easily spied out by third parties.
- Prefer to use the credit card
Use a credit card if possible, as this is usually the safer payment option for online purchases. Using debit cards that are tied to your bank account is often problematic when fraud is involved: The money leaves your account immediately, and it can be more complicated to get it back than with credit card use.
- Update operating system and antivirus
Scammers may lure victims to malware-laden websites or attempt to compromise websites in the run-up to Black Week. Make sure your operating system and security software are up to date and that you have full plugin protection in your Internet browser as well.
- Critically examine social media presences
Don't fall for prompts to like or share posts on social media. Giveaways and prizes are tempting, but you should make sure the account running the promotion is official. Is it a verified social media presence? If not, how familiar are you with the account in general? Also: many of your contacts won't be thrilled if too many contests and sweepstakes end up in their timelines. That's why it may make sense to create a standalone social media account just for contests. Also, watch out for shortlinks on social networks, as they can hide nasty surprises.
- Set up two-factor authentication
Additional security for an account is provided by two-factor authentication, i.e., confirmation of the user's identity by several components that are independent of each other. These comprise three categories: something you know, such as a security question; something you have, such as another device; and something you are - this includes facial recognition. In this way, users can protect their access to an account and thus sensitive banking or address data from hackers.
Source: Malwarebytes
