3 Ways to Stay Secure While Shopping Online During the Holidays

Like everything else in 2020, holiday shopping is going to be a circus. The CDC is recommending shoppers avoid crowded stores throughout the 2020 holiday season, which means that more people will conduct their holiday shopping online than ever before. As you begin your online shopping, it’s important to remember that this is one of the easiest times of the year to fall victim to a security breach.

As we head into the holidays, here are a few things to consider before you start submitting orders.

Update your passwords and DO NOT use the same password for multiple accounts

Facebook, Nintendo, GoDaddy, Zoom, Twitter, Marriott, MGM, Fifth Third Bank, Walgreens and T-Mobile. What do the following brands have in common in 2020?

If you guessed that they have all suffered a data breach in 2020, you guessed correct.

Odds are, you’ve been shopping online for several years and you’ll probably be a return customer to one of those online stores. Use this time to update your password on that account. The reason we encourage you to not use the same password that you use on other accounts is because hackers will use a form of phishing called credential stuffing, which uses lists of stolen account credentials (usernames and passwords) from online stores such as the aforementioned, then deploy bots to automatically attack a list of stolen credentials. If your email is on the list, the bots will attempt to use those same credentials on various outlets, betting on people like us using the same password.

Always use MFA (Multi-Factor Authentication)

If Facebook, Nintendo, or Zoom can be breached, don’t be naïve and think that the neighborhood boutique you frequent to buy gifts for your spouse can be compromised.

We’ve harped on MFA on a number of occasions, but like a parent telling a child to look both ways before crossing the street, we’ll continue to encourage our audience to take advantage of this security feature until we’re blue in the face. In fact, we’ll go as far as to say if you shop at an online store that doesn’t offer MFA, we wouldn’t recommend shopping there.

The MFA settings can typically be found by looking under Settings>Security on the website or app.

Be skeptical

2020 has been full of world-shifting events and, at this point, many of us are exhausted. Unfortunately, cybercriminals are banking on consumers letting their guard down. Email phishing scams are rampant during the holidays. Cyber criminals send fake holiday e-cards with links that are malicious and steal personal information. If a deal seems too good to be true, assume it’s a scam. Treat links, attachments, and other clickable pathways in your inbox with extra caution. If a link looks suspicious, it probably is. If you want proof as to how good these scammers are, look no further than the email sent to one of our customers just last week from “Amazon,” saying they dropped the ball on Prime Day. It uses Amazon’s logo, color scheme, etc. If you receive something like this, do a quick Google search, ask friends who are also customers if they received it. Whatever you do, don’t open the link until you are 100% sure you can verify who the sender is.

Above all, do not let the chaos of the holiday season distract you from the gravity of internet threats.

For more cyber security and technology updates and resources, subscribe to our newsletter below.

Louisville Geek provides comprehensive managed IT services for a diverse range of businesses and non-profit organizations. We are passionate about IT and love what we do!

Stay updated by signing up for our newsletter