More than ever before, people are going online to do their holiday shopping. According to a survey conducted by Accenture, 75 percent of consumers say they’ll be doing some holiday shopping online this year, a 65 percent increase from last year.
While many consumers are avoiding shopping in person to minimize COVID-19 exposure, they run the risk of exposing their personal information to scammers and hackers when shopping online.
To avoid this, it’s important to use proper cyber hygiene. Several FIU cybersecurity experts shared tips and advice on how to safely shop online.
1. "Don’t reuse passwords for multiple accounts. Avoid all passwords that derive from birthdays, addresses, and anniversaries. “Password” is the most popular password in the United States; some variant of “12345” is very popular as well," says Alexander Crowther, research professor at the Jack D. Gordon Institute for Public Policy and the Department of Criminology and Criminal Justice.
2. Make sure you have an antivirus program installed on your computer.
3. “Ensure the website has an SSL certificate by checking that the URL begins with HTTPS versus HTTP before inserting any personal information. There should also be a lock sign on your browser, which means the transactions are encrypted and authenticated,” says Randy Pestana, assistant director of research and strategic initiatives at the Jack D. Gordon Institute for Public Policy
4. Don’t believe any phone call asking you for money or information. Your bank and credit card company will never call you. They will send you a secure message and ask you to call them.
5. Fake shipping notifications are a common way scammers attempt to steal personal information. If you get an unexpected text message or email with a link, don’t click on any links. Contact the company using a website or phone number you know is real.
6. “Emails and ads are the easiest way that hackers can install malware on your device or steal your personal information. Don’t click on links in your inbox or targeted ads – search for the store’s official website,” says Kemal Akkaya, director of Advanced Wireless and Security (ADWISE) & Lab Director of Research, Cybersecurity@FIU.
7. “The Federal Trade Commission advises consumers to consider using credit cards rather than debit cards to limit fraud exposure to $50 per incident, with certain potential exceptions, although many banks offer credit and debit cards with $0 fraud exposure in many instances,” suggests Hannibal Travis, professor of law at the FIU College of Law.
8. Do not save credit card information on your browsers.
9. Turn on two-factor authentication or CAPTCHA wherever you can. "Tools like these are effective against cyber-attacks that could take personal information in a matter of seconds," adds Brian Fonseca, director of the Jack D. Gordon Institute for Public Policy and Cybersecurity@FIU.
10. Avoid shopping on public Wi-Fi if you can. If you must, ensure you are using a Virtual Private Network (VPN). Hotels and airports are the most dangerous places for people accessing your data.
Bonus Tip: Trust your gut. If something looks fishy, it probably is.