For many of us, the holiday season is about friends, family, food, and shopping! This year, many people will conduct all of their shopping online to avoid exposure to the COVID virus. But this giant shift to online shopping is a bonanza for cybercriminals, whose tactics evolve daily. So, we thought we’d share some security tips for online shopping, with some bonus content at the bottom of this article on security tips for holiday travel.
From Savvy’s family to yours, we wish you very happy – and secure – holidays!
Security Tips for Online Shopping
Never install unfamiliar software.
There are hundreds of shopping apps out there. Some of these apps may be malicious, so only use apps that you know and trust. When you download software or apps, be sure to download from verified sources such as the App Store or Google Play. You can verify that an app is legitimate by reading the app’s reviews, checking the number of app downloads, and looking up the app’s developer.
Verify attachments are safe before downloading them.
A common tactic among cybercriminals is to create phony email notifications from a retailer or postal service. These notifications often include a malicious attachment. The cybercriminals may claim that there was an update to your order or that your package has been delayed, but you’ll have to download the attachment to find out more. Don’t fall for this trick! Before you open the attachment, contact the retailer or postal service to verify that the notification
is legitimate. You can also look up your order directly on the website where you made the purchase.
Verify links before clicking.
Watch out for malicious advertisements, otherwise known as malvertising. Malvertising is when cybercriminals use ads to spread malware or to trick users into providing sensitive information. When online shopping, only click on an ad or link from a reputable source, such as a retailer’s official social media profile. To be extra careful, use your browser to navigate to the store’s official website to shop instead.
Security Tips for Holiday Travel
Have you ever been on a trip and realized that you forgot to pack something important? It’s easy to overlook things during the hustle and bustle of traveling, especially during the holidays. Unfortunately, cybercriminals take advantage of this busyness to target holiday travelers. Their goal is to catch you off guard when or where you least expect it. Don’t let cybercriminals ruin your holiday plans! Follow the tips below for safe travels:
Secure your devices when they are not in use.
Never leave your phone, tablet, or computer unattended. Try to take your device with you wherever you go. If you do need to step away, lock your device. Then, ask a trusted friend or family member to keep your device safe while you’re gone.
Use strong passwords.
Use strong passwords for all your devices, apps, and services! Don’t forget to include the apps and services that you only use while traveling, such as hotel websites and translation apps. For added security, many apps allow you to use biometric identifiers instead of a password. If your device has a fingerprint scanner or facial recognition, set up this feature before leaving on your trip.
Use a VPN when connecting to your organization’s network.
If you need to work while traveling, make sure to use a Virtual Private Network, or VPN. VPNs create a private network and encrypt your internet activity to protect your information from cybercriminals. Using a VPN is especially important if you connect to a network in a public place, such as a coffee shop or airport.
Beware of public Wi-Fi networks.
Always disable the option to automatically connect to Wi-Fi networks on your phone, tablet, or computer. Instead, manually choose which network you’d like to join. Only use Wi-Fi networks that you know are safe, and never connect to random hotspots.
Security Awareness Training for Law Firms
As a leading channel partner with KnowBe4, the world’s most popular security awareness training and simulated phishing platform, Savvy Training & Consulting can provide the tools and training that may help prevent security breaches and cyberattacks on your law firm or corporate legal department.