Preparing for the Holidays

It is estimated that online sales will account for $236 million dollars in sales this holiday season, up 15.5% from previous years. And this is a perfect storm for cyber attackers to prey on our desires to find the right gift for the right price, especially in the current economic environment. So how can you stay cyber-safe this holiday season? Here are 5 tips to protect yourself:

Always go to reputable sellers. Facebook is especially rife with ads from online retailers claiming to have the best price, cheap shipping, and guaranteed arrival dates. But often, these retailers are not as reputable as they appear. Cheap knockoffs (if you even receive your ordered items), extremely slow shipping, or even just not shipping your item at all and running away with your money!

Other scams include impersonating well-known retailers, such as Best Buy or Amazon. These can usually be detected by inspecting the URL closely for “mistakes.” One such example is a site set up as go0gle.com with a zero for one o and if it is displayed in all caps it’s virtually indistinguishable from the original.

Phishing scams are a big challenge this winter. The scams are more sophisticated and with the holidays approaching they are increasing the veracity of their attacks. A few common ways you might come across this type of attack are:

- Fake shipping labels – Ever get a strange text message or email from UPS or FedEx claiming there was an issue with your delivery, and they needed you to visit this link to confirm your information but you don’t remember ordering anything from that retailer or maybe you did? These are typically so well done they appear amidst all the legitimate order confirmation and shipping updates that many people click without even thinking. Yeah, that’s a scam. And an effective one, with Security Monitor reporting that 82% of people open every text they receive. The best bet is to check on any orders directly with the retailer you purchased from or go directly to the shipper’s website to “track” the package.
- Fake purchase receipts – We are all extra sensitive to identity theft these days so receiving an email thanking you for a purchase you know you did not make that we might click on a link before thinking it through. We have seen these types of emails impersonating brands like Adobe and subscription-based software purchases, but they could be from anywhere. If you know you didn’t order, you can go directly to the retailer’s website and search for an order with your email address or order number (if the scammers put one in the email) to verify.
- Compromised accounts – It seems like every retailer you visit pushes you to create your own account within their system to place your orders and save your credentials. It’s no surprise with so many out there that one of them at some time will become compromised. Cyber attackers prey on this psychology, knowing we often will react instinctively.

Always keep an eye out for fraud. Look at all platforms you use to purchase items online. Credit cards, debit cards, PayPal, Venmo, Zelle, Facebook Marketplace…you get the point. It would be a good idea to regularly check your balances, and immediately flag any charges you don’t remember making.

Watch out for charitable scams. The end of the year is the time that many organizations launch fundraising drives for their charitable activities. Think of the Salvation Army and its Red Kettle campaign. They aren’t the only ones to appeal to us in this season of giving. But how do you know if that charity that keeps calling or emailing you is legitimate? Security Mentor says there are several sites available to help you determine the legitimacy of a particular charity and see how they use their donations. They are:

- Charity Navigator,
- Charity Watch,
- Give.org from the Better Business Bureau.

And finally…if you don’t know what’s coming then we haven’t been loud enough in our cries! Regardless of the device – Laptop, tablet, smartphone. Always keep the security software updated. If you see the annoying little notification that indicates an update is available, don’t wait. Just don’t.

Do’s and Don’ts of Online Shopping

Now we begin the greatest of traditions…Christmas shopping. With approximately 2.14 Billion people purchasing products online, cybercriminals have taken notice and ramped up their efforts to steal your hard-earned money and identity. Don’t let them. Here are a few do’s and don’ts for online shopping this holiday season:

DO

Only shop with well-known retailers
Check site security before you click buy
Pay with credit, not debit
Use strong passwords
Track your packages
Do be mindful of fraud

DON’T

Fall for that “amazing, too good to be true” steal of a deal
Use public Wi-Fi
Use apps like Venmo, CashApp or PayPal without linking a credit card as the payment option
Fall for email scams
Lower your guard – always be mindful of the details
Respond to requests to send you a special code through text to provide them to “prove” you are a real buyer

Thank you for being our valued customers. We hope this information will help ensure you have a wonderful and joyful beginning to the holiday season. And in this season of thankfulness, we want to say it again…we are thankful. For your business, for your friendship, and even your referrals. We are grateful for the opportunity to serve you and meet your organization’s IT and cybersecurity consulting needs.