Well, I am back.... After getting my homework & midterm done for school, as well as the final exam, I'm all done until late January. Time to catch up on some blogging!
A lot of has happened in the InfoSec world since I've been away, but I'm not going to discuss any of that here. However, since the holidays are right around the corner, so aren't the risks of shopping online. With the infamous "Black Friday" vastly approaching, as well as Christmas, the cybercriminals will be in rare form, as they use the holiday season to take advantage of weary & unsuspecting customers looking to cash in on sweet deals.
With all the holiday hooplah going on, always keep your guard up. Thieves will do anything and everything to get a hold of your creditcard, personal, or banking information to siphon your bank accounts. Beware of emails purporting to come from some online retailer with exclusive sales on good & services. Especially if they come from a retailer that you've never heard of or have not signed up for. This could very well be a phishing scam aimed at getting your personal or financial info.
Be weary of online retailers that you plan on doing business with. There are various ways to check their online reputation (score) to ensure that they're legit and safe. Once you've decided on an online retailer make sure their website is secured (https:) and has a verified seal at the bottom of the website. It's also a good idea to only shop at websites that are located in the USA. Again, checking the retailers reputation should divulge where they're located if you aren't sure.
When paying for purchases online, NEVER use your bank's checkcard or debitcard. That's a huge no-no. Using your debitcard could potentially allow cyber-thieves to have complete access to your entire checking account if in the event your debitcard info is compromised. Use either a creditcard or a prepaid debitcard with the amount allotted to your purchases (including taxes and shipping costs). Using a creditcard is better, because under certain laws you will be protected if you spend a certain amount and unauthorized purchases are made. Not to mention that your bank will usually refund you the amount of losses if your creditcard number is stolen and used for fraudulent purchases.
After you made your purchases keep an eye on your account statements to ensure that unauthorized transactions weren't made using your card. If there were any made, you can take care of them right away.
Before embarking on any online shopping spree, make sure your browser is up-to-date. I've posted a blog entry a while back about the "Qualys Browser Check add-on" for all the major web browsers. It'd be a good idea to install and run that tool prior to your shopping spree to update your browser and computer, and patch any security holes. Cybercriminals will almost certainly be infecting legitimate websites to serve up malware (malicious software) to infect your computer. There are also various browser add-ons that you can use to alert you of fake online websites used to phish your info.
Lastly... Don't forget to make sure an anti-virus program is installed, working, and up-to-date!
Good Luck & be careful... The Internet is a scary place!
--ma
Michael
No comments:
Post a Comment