The holiday season is upon us! If you’re like me and try to avoid the hustle and bustle of shopping centres this time of year, then you’ve probably already started doing some (or most) of your Christmas shopping online.
However, online scammers know this and are ready to take advantage of the buying frenzy that occurs during the holidays. Therefore, it’s important that you take necessary precautions when conducting online transactions.
Here are our tips to keep your financial and private information safe from cyber criminals this Christmas:
1. Only use up-to-date devices
Any devices operating on old software pose a serious threat to your online security. Hackers exploit the vulnerabilities found in older operating systems to gain access to both the device and the users private data. Software updates not only improve your device’s performance, but also include patches to fix these vulnerabilities and improve your cyber security. Although installing updates on your computer, tablet or smartphone may feel like a lengthy chore, it can drastically reduce your online risk. For this reason, we recommend that you only use up-to-date devices when shopping online.
2. Never visit websites from email links
This time of year you’re probably being inundated with promotional emails offering the latest products and exclusive offers. However, not all of these emails are going to be legitimate and, as cyber attacks become more sophisticated, it can be difficult to detect which emails are in fact phishing scams. Many of these phishing emails include seemingly innocuous links that, once clicked, lead the unsuspecting victim to a nefarious site that will begin to auto download malware onto their device. It’s better to be safe than sorry, so we recommend never clicking links found in an email. Instead, try navigating directly to the website yourself by typing the url into your web browser. We also recommend applying the same advice to links that have been texted to your phone.
3. Use a wallet app
Giving your financial information (such as debit and credit card details) always constitutes risk. However, during the holiday season, many of us find ourselves purchasing from online stores and retailers we haven’t dealt with before. Freely handing over your financial details to an unknown site exponentially increases the risk of cyber criminals accessing this information. That’s why we suggest that (whenever possible) you use a wallet app (such as PayPal) to facilitate your online purchases. Using these services circumvents this issue, as you only share your payment card details with the wallet app service (Apple Pay, Google Pay, PayPal, etc.), and keeps it out of the hands of the online merchant.
4. Remove all saved payment information after finalising your purchase
Many websites automatically save your payment card details after you finish checking out. While this may be convenient and save you time on your next purchase, it also puts you at risk for a number of reasons. For starters, anyone with access to your device or online account could easily rack up hundreds (or even thousands!) of dollars of purchases in your name. In addition, the online retailer may suffer an all-too-common data breach, which could likely result in your payment card details ending up in the hands of a cyber criminal. A general rule of thumb is the fewer databases you allow your financial details to be stored on, the better. Subsequently, it would be in your best interest to immediately remove your payment card information after checking out. You can usually do this through your account settings.
5. Only shop on secure websites
The new standard for URLs is no longer “HTTP” but “HTTPS”. Having the “S” on the end indicates that their websites encrypts any and all data transmitted through the site. This includes personal data such as your name, address and payment information. We cannot emphasise this enough, you should NEVER trust a website that doesn’t use HTTPS in the address bar. A small lock icon in front of the website address is also another indicator that a website is secure and should be safe to purchase from.
6. Double (and triple!) check the website URL
Mistakes happen and we’re all guilty of the occasional typo, especially when trying to use those tiny keyboards on small smartphone screens, am I right? However, if gone unchecked, one typo can lead you into a world of trouble. Cyber criminals often buy domain names that are very close to real ones used by popular and reputable online retailers (think Amaazon.com instead of Amazon.com). They then build a fake ‘copycat’ site designed to fool victims who’ve accidentally typed in the URL. Being vigilant and taking a few moments to double-check that you’ve navigated to the correct website before you start shopping can save you a world of hurt.
7. Never use public Wi-Fi to shop online
Connecting your device to public Wi-Fi is asking for trouble. Hackers know that this time of year people are more likely to use their portable devices to search for products and prices while out and about in public. They often station themselves around popular public Wi-Fi spots and use it to spy on the activities of any other devices that are also connected. In doing this, these hackers are privy to every website you visit, every word you type and every app you open. With this kind of uninhibited access, it won’t be long until they’re able to see (and steal) your online account passwords and payment card information. We strongly urge you to switch off Wi-Fi while out in public and rely only on your mobile carrier’s network. Or, if that’s not a viable option, wait until you’re safely at home to do any online shopping.
8. Watch out for scammers impersonating well-known brands
While phishing is a major concern year round, the holiday season sees a major spike in phishing and smashing attacks. During the 2021 holiday season alone there was a 397% increase in typo-squatting domains associated with phishing sites. Cyber criminals know that this time of year people receive hundreds of retailer marketing emails, order confirmations and shipping updates. These emails provide the perfect templates for them to impersonate well-known and trusted brands like Amazon, Target and JB Hi-Fi. Unsuspecting victims are then tricked into clicking on a nefarious link and/or logging in to malicious website. Even under the most intense scrutiny it can be hard to tell which email is real and which is fake, so it’s important that you remain on high alert. This is yet another reason why we recommend always visiting a website directly, instead of clicking on an email link.
9. Keep an eye on your bank accounts
Odds are that, during the holiday season, you’re probably making more purchases than you normally would. Therefore, if you’re not paying attention, it can be easy for unexplained transactions to slip through the cracks. That’s why we believe you should keep a close eye on your bank account. Catching suspicious charges early gives you a greater chance of recuperating the lost funds, while also helping you prevent any further breaches. You can even set up banking alerts to monitor your account for you, all through your online banking app. For example, you may choose to set up alerts for purchases over a specified amount or for purchases made outside the country.
