Internetwork Engineering Blog

Merry, Mobile and Secure: 7 Ways to Protect Yourself When Shopping Online (INFOGRAPHIC)

Written by Internetwork Engineering | November 22, 2016

It’s almost Thanksgiving, which can only mean one thing; it’s time for some serious cybershopping! According to Adobe’s 2016 Holiday Online Shopping Predictions report, more than half of all online shopping will be done with mobile devices for the second straight year, accounting for approximately 53% of all online purchases. Online sales are also expected to top $91.6 billion across the US from November 1 through December 31, an all-time high for the holiday season. Clearly people enjoy getting to do the bulk of their holiday shopping without leaving their house or their Christmas ‘jammies! (For a hilarious distraction, check out Raleigh natives, The Holderness Family, in their Christmas 'Jammies Jingle!)

Although, just like most things in life, with increased convenience comes increased risk. To ensure a safe online shopping experience, we have seven ways for you to stay merry, mobile and secure this holiday season.

How to Stay Safe When You’re Shopping Online:

 

 

#1: Always Lock Your Device with a Password

On today’s smartphones and tablets, you have the option to lock the device with a password or pattern. If a cybercriminal gets their hands on it, you don’t want them accessing your data, and a simple passcode can keep it safe even in the wrong hands.

If for some reason you don’t feel that a passcode is enough to ensure the security of your data, you can also enable device wipe. By setting the device to wipe itself after five, seven, ten, or any number of login attempts, you can keep your personal data out of harm’s way. While it may seem like a drastic thing to do, and something you could even do to yourself by mistake, it’s a great way to keep from losing valuable personal (or company) data. And as long as you remember your password you don’t need to worry about doing it accidentally!

#2: Only Download or Make Purchases Through Official Apps

While this may seem to be pretty obvious, unofficial apps intentionally make it hard to discern whether or not they’re legitimate. Many of them also have the same names as well-known apps, for example: Overstock.com recently appeared in the App Store as Overstock Inc. It sounds almost identical, and even had the exact same logo, but clearly it was not the real thing -- so how do you tell if an app is legitimate or not?

The easiest way is to take a closer look at the app itself. Does it have any reviews? Does the description sound like it was written by someone with a strong grasp of the English language? If the amount of reviews seems low for a major online retailer or if their app description shows some red flags, chances are you need to stay away from it. It’s always better to be safe than sorry!

#3: Always Download Device and Network Updates

Device makers and cell phone service providers are constantly having to push out updates to keep up with evolving cyberthreats. Currently, more than 90% of device updates are to patch security vulnerabilities in programs, as many cybercriminals exploit these vulnerabilities to deliver malware.

While it may seem like a hassle to stop what you’re doing to download an update and restart your phone, trust us, if there’s an update, it needs to be downloaded.

#4: Don’t Make Purchases Using Public Wi-Fi

Here’s a big one that few people are aware of. Ever connected to a public Wi-Fi network? Of course you have, unless you’re a security stickler like a lot of us here at IE. But what most don’t know is that public Wi-Fi networks are often open and unsafe.

When you’re at home or at the office, encryption helps protect your network traffic from the view of others. For example, even if someone else is within range of your Wi-Fi network (like a neighbor), they can’t see what websites you visit. The traffic flow is encrypted between whatever device you’re using and your router using a password.

However, public Wi-Fi networks are typically unencrypted, and do not require a password in order to connect, making all of your traffic visible to everyone within range of that network. People can see what you’re typing into unencrypted web forms, what web pages you’re visiting, and even which encrypted websites you’re connecting to.

This clear lack of privacy is why it’s best to avoid connecting to public Wi-Fi whenever possible. Although if a situation arises where you have to connect to a public network, it can be done safely and securely as long as you use a VPN (virtual private network)!

#5: Only Buy from Sites that Utilize SSL Protection

If you’ve ever noticed, most all sites that require you to enter any personal or payment information usually have a URL that starts with “https://” -- or at least they should. This means the site is protected with Secure Sockets Layer, or SSL. Why is that important?

If you’re on a website that’s protected with SSL, you know that regardless of the network your device is connected to, any information you are viewing or entering is encrypted and unable to be viewed by others.

#6: Don’t Save Your Credit Card Information on Any Device

This one is pretty important, especially considering the recent DDoS attacks, which reportedly took advantage of over 100,000 personal devices infected with Mirai malware. With so many people across the globe currently using infected devices without their knowledge, you can see why having your credit card information saved anywhere could be an issue. All it takes is connecting to the wrong public network, or one click on a phishing link to infect your device -- so be careful. And speaking of phishing links…

#7: Don’t Ever Click on Unknown Links

Whenever you’re perusing the web, make sure to avoid unknown links. One click to the wrong place can leave your device infected with malware, giving hackers complete access to anything and everything on your device.

Cybercriminals love attacking unsuspecting users during the holiday season too, and some of the most common phishing methods attempt to impersonate retailers like Amazon or eBay to get into users’ accounts. Most often these cybercriminals claim they need your login credentials because your account was either hacked or compromised. Charitable phishing emails are also common this time of year to take advantage of people’s giving spirit during the holidays, which include faulty links filled with malware. There’s nothing wrong with being charitable, just be sure your charity is going to the right place and not into a cybercriminal's bank account!

While cybershopping seems harmless enough to be done in your Christmas jammies, it can involve some very real dangers. Be sure to follow our tips to stay merry, mobile and secure this holiday season. Happy cybershopping!