And if the 5th largest retailer in the world can be hacked (remember Target's breach from 2013?), how vulnerable am I when I shop using my home computer?
Before you fire up the laptop for that last-minute shopping, be sure to remember these simple tips for keeping your data—and your wallet—secure.
Rule #1 of safe online shopping: limit purchases to trusted retailers with secure websites. Sure, even the largest retailers can be vulnerable (we're looking at you, Target), but why take chances. Look for https:// in the URL of the site you are using. The "s" stands for "secure" and means that the site uses encryption to protect your information.
It bears repeating: if it looks too good to be true, it probably is. Did you know that there are "phantom" websites that pop up around the holidays offering amazing deals that you can't get anywhere else? Who doesn't want a $50 iPad? If an offer like that comes from an unknown "retailer," you run the risk of placing your order, giving them your credit card number, and never seeing the merchandise (or the website) again.
Make sure your antivirus software is up-to-date to prevent hackers and viruses from stealing your credit card information as you shop. Secure your wireless network to keep others from accessing it. Don't shop while using public or free Wi-Fi. And remember to be smart with your passwords and PINS. Passwords should use different combinations of letters, numbers and symbols and should be at least 8 characters long. Never use the same passwords for online shopping accounts as you do for bank accounts and other highly sensitive information.
Credit cards should be your payment of choice when you shop online. That's because credit card payments can be withheld from a retailer should a dispute arise, and generally you won't be required to pay more than $50 of fraudulent charges if your card is used by someone other than you. With a debit card, the store dips directly into your bank account. You might be able to recoup fraudulent charges eventually, but until all the red tape is cleared, those funds are gone.
As you worry about secure sites and phishing scams and password modifications, don't forget to make sure that your online gift purchase can actually be transferred to the recipient. If you are buying a sweater you shouldn't have much to worry about (be sure to read the return policy before you complete your transaction). But if you are purcashing downloads, tickets or other intangibles, make sure you read the terms of service and know exactly how and where the recipient can access his or her gift.
After you've made any online purchase this holiday season, continuously check bank and credit card statements and immediately report to your bank or credit card company any suspicious activity.
As an organization, it is crucial to take similar steps to minimize your cyber liabilities. Check out our whitepaper, 5 Steps to Uncovering Your Cyber Liability Risks, as a first step towards assessing your cyber risks.