Gone are the days when you had to force your way through the crowds to get your holiday shopping done. The 2018 holiday season is projected to see $124 billion in online sales which is a 14.8% increase from 2017 and only likely to increase come next year. Cyber Monday is now the biggest shopping day of the year, outstripping Black Friday and making every other holiday seem minor. People enjoy purchasing their gifts from home and having the items delivered directly to their front door. It seems like the perfect solution to the holiday madness . . . but there is a downside.

The Dangers of Online Shopping

When you make a purchase online, you’re trusting that your credit card information and personal data is being kept safe by the company you’re buying from. Most of these companies, particularly big ones like Amazon and eBay, work very hard to keep your information safe. However, the reality is, e-commerce sites are targeted by cybercriminals because there is valuable information within those databases (login credentials, credit card details, etc.).

Hacking is big business, and it’s estimated that around 90% of login attempts are actually made by hackers these days.  And the threat only increases based on the fact that many people use the same password on multiple sites. Hackers will use the information they obtain to make other online purchases, breach your bank accounts, etc.  Companies generally advise users, but this can sometimes be weeks or months after a successful hacking attempt, which is more than enough time to do some serious damage with the information they’ve stolen.

So, what can you do to protect yourself from this type of attack, particularly during the holiday shopping season?

Set a Strong Password

Avoid using a password that could easily be guessed. Do not use publicly available information about you or your family (name, address, etc.), or related to things you’ve posted on social media (pet’s name, birthday, favorite rock band, etc.). It’s best to be as random as possible. Use a minimum of 12+ characters, with a mix of letters, symbols, and numbers. Use uppercase and lowercase letters where allowed. You should also change them frequently so anyone who may guess them will be unable to reuse the information. Store your passwords in a password vault.

Only Shop Online Using Encrypted Sites

Encrypted websites have additional security measures and should be the only ones you use to make a purchase. You can check to see if the site is encrypted by looking for a lock symbol in the URL bar. The URL should also have “https” at the beginning instead of “http”. This means anything you send on the site will be encrypted and sent only to the website owner. It is difficult to intercept this type of information, so it stays safe. Additionally, ensure the online purchases you make this holiday season are done with your credit card (or ApplyPay) as opposed to a debit card. Should an attacker steal your credit card information, you have more fraud protections than if they stole your debit card.

Use MultiFactor Authentication (or “2FA”)

Some online shopping sites, like Amazon, offer multi-factor authentication (a.k.a. “2FA”, “Two-St Authentication”) as an additional security option for your login. You should enable this on all online accounts that offer it. If an attacker were to have compromised your username and password, having 2FA enabled can prohibit them from accessing your account.

Avoid Phishing Scams

The most common type of phishing is via email. You may receive an email that is supposedly from a store, asking you to fix your account or advertising a sale. If you click on it, you are taken to a copycat site, where they take your login info when you try to sign in. Since you’ll be receiving plenty of notifications during the holiday shopping season, play it safe. Instead of clicking on questionable links in the email, you should manually enter the website’s URL into your browser. Also, avoid opening any attachments that may come with the emails, and watch for emails that are obviously from an address that is not the company’s.

Don’t Store Your Logins Credentials or Card Information in Your Browser

While extremely convenient to have your computer remember your login or save your credit card details for later purchases, if an attacker were to compromise your computer, they would have access to this information. Do not allow your browser to store this information for you. Do not allow the login page to “remember” you. You’re only making it easier for an attacker. Instead, you can use a password vault to store not only your usernames and passwords for online shopping sites, but you can also store your credit/debit card information there as well. If you have the password vault desktop or browser extension installed on your computer or tablet, with a click of a button, you can populate the necessary information in a safe and secure manner.

Get Outside Help

You should have your computer and other technology assessed to ensure it isn’t posing a risk to you or your family. Consider using the BLACKCLOAK Team to protect your information. Blocking hacking attempts and cyberthreats is the best way to avoid being caught by a hacker.

When you prepare for the possible attacks that may occur while you’re online shopping, you protect yourself. Now you can go ahead and buy those gifts online without worrying that your identity will be stolen.