Its a Cybercrime Christmas: How to Protect Yourself This Holiday Season
The holidays are upon us, it is a festive time for many people, but sadly others have their minds on cybercrime and your wallet.
For some, xmas is an opportunity to make extra cash by exploiting others.
We know this threat exists and we know that it peaks during the busiest shopping times of the year, so now is a great time to cover how you can keep yourself safe, here are my top tips for protecting yourself against cybercrime.
Credit cards have a lot of protection features, if a fraudulent purchase is made, you have zero liability if reported on time and we can take advantage of the credit card features to limit risk.
First things first, monitor your credit card charges frequently instead of waiting for the statement you will get after the holidays. That way you can spot and address an issue before it gets out of hand.
Some credit cards can send you an alert via text message or email if certain criteria are triggered from a threshold value. For example, it can send an alert for any transaction above $50. Set the lowest possible trigger values for all the alerts available; you will need to do this through your credit cards online account or by calling customer support. If you can set it as low as $1, then you will get notified virtually for every transaction.
You may have the option to lock a credit card (and your debit card too). This is a good option to use for any credit cards you do not plan to use during the holidays. It is also a good option for a card you do plan to use. One reason you may not want to use it will depend on whether you be able to unlock right before a purchase and right after a purchase. One of my accounts allows me to lock and unlock my debit card with its iPhone app, I unlock before a transaction and lock after the transaction completes.
Cybercriminals might try to establish credit in your name this holiday season and it is much more likely to happen after the recent Equifax breach, so if you have not frozen your credit with the major bureaus, it is a good time consider especially when you do not plan to make a big credit purchase.
The large number of Cyber Monday sales makes it so convenient to buy online. There are some things we can do to limit risk.
HTTPS Secure Websites
Always look at the address in your browser to make sure you are secure.
Make sure the address is correct. For example, make sure you are on “amazon.com” versus “amazonn.com” (a fake site).
Look for “https://” and avoid “http://”. Another way to check is to look for a green lock icon next to the address in the address bar.
If you get an alert from your browser that this site may not be safe, close the browser immediately.
Ads and Unsolicited Messages
Avoid clicking on ads or any unsolicited text messages / emails. They will likely take you to a fake site or be part of a scam.
Those top hot selling products sell out pretty quickly at the brick and mortar stores and finding them online may be the only option. Criminals know this and set up fake web sites or sell imitation products.
Make sure to buy from reputable sellers. Look for seller ratings on eBay, Amazon, etc. Do searches on the seller if no ratings exist. Look at the seller’s country of origin. If the price is too high or a big bargain, they might be red flags.
Avoid WiFi for Financial Transactions
We received confirmation this year from KRACK that WiFi is not as secure as it could be. It is best to assume financial transactions (banking, credit card, etc.) can be eavesdropped over WiFi. It is best to use Ethernet cable connections when doing online transactions.
For many, Ethernet is not an option as many devices only provide WiFi and cellular connections. If that is your situation, avoid public WiFi and use a trusted WiFi (one which has been secured). If you are unsure if your WiFi connection is secure, use a cellular connection over 4G or LTE (avoid 2G and 3G).
Starting Your 2017 Taxes
Cybercriminals are stealing income tax returns. With the recent Equifax breach we are more vulnerable. The holiday season is a good time to start preparing your income tax returns to file immediately after the earliest file date in January.
You may not have all the official W2, 1099, and other forms but you can estimate them. Also, tax software companies usually release an early preview edition of the 2017 tax software. You can estimate as much as you can to file right away.
When you estimate you can take one of two strategies: file to get a refund, or file to owe. I recommend file to owe because when you re-file your taxes with the correct information you are less likely to incur a penalty, especially if the re-file results in a refund. Conversely, filing to get a refund and a re-file resulting in paying taxes might incur a penalty.
Please reply and share your strategies for keeping secure during the holidays. We can all benefit from shared wisdom.
Before you go…
Do you like to read novels and interested in cybersecurity? Join the “Black Hat Chronicles” fan group to get updates on my writings, short stories, and upcoming novel.
Read the free preview of the “Black Hat Chronicles: Preparing the Python Attack: A Short Story” Amazon Kindle eBook to learn what motivates some hackers. Read it for free with Kindle Unlimited.
Read the “Practical Cybersecurity Tips” Medium series to get some quick pointers.
A Note from the Author
Join my mailing list to receive updates about my writing.
Visit miguelacallesmba.com/subscribe and sign up.
About the Author
Miguel is a Principal Security Engineer and is the author of the “Serverless Security “ book. He has worked on multiple serverless projects as a developer and security engineer, contributed to open-source serverless projects, and worked on large military systems in various engineering roles.