Criminals don’t take holidays off; they are more active and ready to act. With more commerce occurring online this year, this holiday season becomes the perfect scenario for cybercriminals to surprise shoppers that forgot to take security measures. 

As we all know, the internet offers convenience which is not available in shopping outlets. We can buy from a $1 item to the most expensive ones with just a click away. Online shopping has become the most popular option during this year, and cybercriminals know how to take advantage of it. If a deal is too good to be real, it certainly is. Cybercriminals generally use this strategy to catch buyers’ attention and involve them in any scam.

The following are CISA recommendation to be aware of and avoid being a victim of  Online Holiday Shopping Scams.

Do business with reputable vendors

Before providing any personal or financial information, make sure you who you are interacting with. Reputable vendors don’t ask for this kind of information via email. Cybercriminals clone websites to make them seem legit and convince you to supply personal and financial information. They also embed malicious code to send requests on your behalf. The best you can do to protect is checking the certificate information such as “issued to, phone numbers, and physical address.” Cybercriminals may obtain a certificate for a malicious website and trick you, but if you pay special attention to these characteristics, you can differentiate who is who. 

Make sure your information is being encrypted.

Internet is not safe, and that anyone can be monitoring the traffic. If the vendor, web page, or server you are accessing doesn’t encrypt your information, everyone will have access. The easiest way you can verify if your information and connection are being encrypted is by checking the top left or right of your web browser and see if it’s using HTTPS (Hypertext Transfer Protocol Secure). It is a secure protocol that secures communication over a computer network and encrypts communication using Transport Layer Security.

Do not provide sensitive information through email

Techniques to trick people by email are infinite. Cybercriminals are so proactive and ingenious that recognize when an email is a scam is often tricky. However, during this holiday season, be aware of offers that are too good to be real, misspelling, documents attached, and links that take you to unknown websites. If you receive an email and are interested in what they offer, do not click the link. Instead, type the URL by yourself and make sure that the website is from a legit vendor. 

Do not respond to unsolicited phone calls and messages

This technique is coming back to life. Do not share any information with people that you don’t see or know. Even if the call detector shows their name, it can be a scam. If you see the store name on the phone screen, excuse yourself and call back to a legit number. If during the call they insist on requesting codes or any action from you, just hung up. 

Install Security Software

Fortunately, web browsers have a variety of extensions and adds-on to protect us. Installs anti-fishing features, email filter, firewalls, and maintain anti-virus software up to date. Another strong recommendation is to activate multi-factor authentication (MFA) and set base daily or transaction spending in your bank accounts.

About Allari

Allari implements customized service plans for IT Operations & Cyber-security which allow you to complete a higher volume of planned work, gain the capacity to innovate and help your business to win.

Subscribe to the best newsletter there is.

You won’t regret it!