It’s that time of year again. Not only have New Zealanders developed a bit of a taste for sales like black Friday and cyber Monday, the holiday season is well upon us. The internet – as vast and as diverse as it is, will be where some of us will do our shopping.
But you don’t have to venture too far on the internet to get into trouble, because criminals will take any opportunity to steal your money or your personal information. Security firm Trend Micro says there are many different ways criminals will try their luck, and some of them might not be as obvious as you think.
Is it a good idea to gift a connected device?
Whether it’s a mobile phone, smart appliance or any device connected to the internet, some manufacturers don’t quite understand that device security is very important. Security holes can expose people to online threats.
Trend Micro explains a few tips:
- Update firmware with the latest patches from the manufacturer and only connect to secure networks
- When registering an account for a smart device, use strong passwords and usernames that are different from other online accounts.
- If you want to give a smart device to a child or teen, check what information the device wants from users, how it uses, stores and protect that information.
- Teach users to use the devices responsibly and safely
So you want to use your phone to buy stuff
Browsing and purchasing online can be easy, but telling genuine and fake sites apart can be tricky.
- “Rely on your bookmarked and frequently visited sites, because even search engine results can lead you to malicious spoofed shopping sites,” Trend Micro says.
- Ignore ads, emails, promos and links with questionable offers from unknown sources.
- If you’re downloading online shopping apps, make sure they’re from genuine vendors to ensure secure transactions.
- Use the security features on all of your devices before you use them.
- Review publicly posted personally identifiable information (PII). Why? This information can be used as credentials to access your IoT and voice-enabled assistants without you knowing it, or craft socially engineered emails this season.
That email you just received might not be legit
Criminals can create genuine-looking emails that spoof websites like Apple, tempt you into fake bargains, or conduct phishing attacks. Trend Micro says before you click:
- Don’t immediately click on links embedded in emails. Bookmark your frequently visited websites or directly type the known URLs or email addresses of the companies’ representatives. Use a legitimate scam checker to scan questionable emails.
- Call the company or organisation via known contact numbers and confirm if they have email requests, verifications, or if they have existing promos as advertised in the email. Beware of calls claiming to be from companies asking for your credentials. Legitimate organisations such as banks will never ask for your password over the phone or via email.
- Limit the amount of personal information you share online.
Be wary of businesses on social media
Criminals can create fake companies or spoof genuine businesses, so do some digging before you buy from a company you’re not sure about.
- Manage the information you share, Trend Micro says.
- Be aware of the permissions and information collected by your installed social media apps and visited websites such as your location, email address and contact information.
- Look for the verifier symbols (such as the blue check marks) beside the names of brands and retailers before interacting, shopping, or giving information. Most social media platforms now have these to reduce the number of fake pages to help protect consumers from online criminals.
- Be wary of clickbait and alarming headlines, shopping promos, and bargain offers.
Finally, general tips like keeping your personal information private, using a security solution (for computer and mobile), keeping your browser and devices up to date, and using only trusted payment systems will help you have a much better experience with online shopping.