Web Security graphic art. Photo by: FutUndBeidl / Flickr
Web Security graphic art. Photo by: FutUndBeidl / Flickr

The 2015 shopping security checklist for Cyber Monday

The 2015 holiday shopping season has officially began. Our credit and debit cards are in full force out in the cyber world.

If you’re reading this you’ve survived the first round of holiday get-togethers. With Black Friday out of the way, consumers that prefer to shop online will be looking forward to the Cyber Monday sales just around the corner.

While you’re busy checking items off your lists, one often overlooked item should be in bold at the top: security. As you hastily jump on deals that won’t last long, the risk of your information being stolen is higher than any other time of year.

How can we make sure we are fully protected from these threats?

1: Banking Alerts

Account alerts have saved me several times back before my journey into the cybersecurity field began.If I could thank the genius that came up with this idea I would.

Now that I have learned how to beef up security, you can learn from the mistakes I made without the stress of having to find out that your account was compromised and stress about filing an incident report as well as getting a new card when you have better things to spend your time on.

Most banks and credit card companies offer alerts for large purchases as well as text message alerts for all purchases. These alerts may seem cumbersome initially but in the event someone swiped your card info, the faster you catch them and stop the damage, the better.

2: Paypal

PayPal has come a long way in recent years. When using your card to pay for items online having a middleman to help with disputes is always helpful. Also, chances are if the retailer doesn’t accept paypal, you may want to walk away because that could be a red flag that they aren’t in good standing with other consumers.

3: SSL (Secure Sockets Layer)

Here’s where I’ll try not to bore you with tech talk, but most of you will recognize the lock on secure pages you visit. This is a security protocol called SSL, (Secure Sockets Layer). It is the standard security technology for establishing an encrypted link between a web server and a browser.  

To summarize this feature: SSL makes secure online transactions possible by using certificates to prove that the website is actually authentic and not a spoofed site harvesting your credentials. Check the certificate when you see this lock symbol by selecting it and read about the encryption and other information available if you have a few minutes. If the certificate is invalid or expired that is usually a red flag, so be aware.

4: Updates, Firewall, and Antivirus

I cannot stress enough how important updating your system is overall. Even if your system is set to update automatically, double check the updates within the settings in the computer. Not being up to date leaves one vulnerable to exploits in the system you’re using that make it easier for your information and computer to be compromised.

Another feature some common end-users may overlook is the firewall. Specifically, Windows Defender, be sure that it is on and up to date.

Also, get anti-virus, most are free and if you need a suggestion I will always recommend AVG because they have a free version for Windows, Mac, and even mobile devices.

5: Email Vulnerabilities

Phishing and spoofing are two terms you may not know, but several online users have already fallen victim to these digital breaches.

Emails with phishing and spoofing are misleading messages, such as the common email from your “bank” asking you to log in from their link. Do not click the link. Unless you are expecting an email, just junk it. Most phishing and spoofing will have a link that takes you to their website that looks just like the login page you would expect and from there when you log in they have all the information they need. It takes a few minutes to make one of these spoofed sites and attackers have been doing so for a long time.

If you’re unsure about an email, log in to the account from a separate window using the address you know instead of the link, if it is legit the alert from the email will show up there as well. If you realize you received a spoofed email be sure to report it so your email provider can stop the spread.

6: Public Wifi

Do not use public wifi to make purchases and/or payments. Attackers may install sniffing software that can gather packets with your information. If it can’t wait, use cellular data (with a VPN if possible).

7: Password Security

When creating new accounts while shopping follow this rule of thumb: treat your password like a toothbrush. Do not share it, and change it often. Also consider two factor authentication if available. Include a symbol and letter if possible, and don’t use the same password for every account.

8: Device Use

If you only have one device this is easier said than done, but don’t use the same device for online payments as you do for online use that may put you at a higher risk (ahem, porn, and illegal downloads).

9: Insuring Packages

Mail fraud is still an issue every year, so when mailing presents be sure to insure your packages so if they are stolen not all is lost.

10: Using Trusted Retailers

The safest bet when shopping online is using a retailer you trust. Good luck on your holiday shopping!

    1. My Top 3 Cyber Monday Retailer Picks
      1. Amazon- http://www.amazon.com
      2. Ulta- http://www.ulta.com
      3. ToysRUs –http://www.toysrus.com