IT Vortex - Managed IT Services

Your Holiday Guide to Safe Cybershopping

Individuals and retailers aren’t the only ones getting ready for the biggest shopping season of the year. The holiday shopping season is also a big event for cybercriminals. Every holiday season, security researchers document spikes in online criminal activity, ranging from phishing scams, fake shopping sites, and credit card skimming software, to malicious and compromised applications being posted in online app stores. At the same time, because people will be getting out their credit cards to make sometimes large numbers of purchases, attackers assume that a few fraudulent transactions may be easily missed.

Here are a few tips to help you have a happy – and secure – holiday shopping season.

Get Ready

One of the best ways to ensure a safe cybershopping experience is to prepare for it.

  • Start by making sure your devices, software, browsers, and applications have all been patched and updated to the latest versions. It is especially important that you are using updated and patched operating systems on all your devices. For example, earlier this year a vulnerability allowed adversaries to potentially attack and control your Android devices. The unfortunate part is this may potentially effect phones that are no longer getting updates, but are still being used. Shopping using a mobile device at a physical retail location is quite common, but may introduce new risks you may not have considered as well.

  • Make sure that your devices have security tools installed, such as antivirus and VPN, and that you know how to use them.

  • Get your passwords under control.
    • Update older passwords with newer ones that are harder to guess but easier to remember. One trick is to use the first letter of every word in a phrase you know. We recommend when possible, using passphrases. A passphrase is a sentence that is easier to remember, but very difficult for password crackers to break. An example of this might be “My voice is my passport.” In this case, the password doesn’t have special characters or numbers, but a sentence with spaces will be especially difficult for password crackers to attack. Of course, not all websites support passphrases, spaces in passwords, or long passwords. For added security add special characters and numbers to your passphrase.
    • Don’t use the same password for different accounts. If needed, use a password vault that keeps track of all of your passwords for you.
       
  • Shop with your credit card and not your debit card. Many credit cards include fraud protection. They can also be turned off without freezing your other resources. Also, make sure that your credit card provider will alert you to suspicious card activity. Many banks also offer one time or limited passwords. There are specialty sites such as privacy.com that will let you create a credit card number for each transaction.

Go the Extra Mile

While the tips listed above are an important start, there are a few more things that you should consider if you are adamant about safe cyber shopping.

  • Every browser supports secure transactions using SSL encryption. But to be safe, make sure your connection is secure before you push the “purchase” button. You can do this by looking at the URL bar of your browser and making sure that the address starts with https:// rather than http://. You can also look for the little lock icon on your browser. These mean that your transaction is protected. Popular open-source plugins include HTTPS Everywhere and uBlock Origin that can be added to most browsers for free to secure transactions, filter content, and block ads.

  • When possible, shop using a VPN (virtual private network) connection. That way, even if your communications are intercepted, they will be useless to cybercriminals because your data is encrypted. If you are going to be online in public places frequently, there are a number of low cost/no cost VPN services that will ensure that your connection is always protected.

  • For more technical users, consider setting up a VM on your computer just for shopping. That way, if you happen to get infected it will be isolated to the VM and criminals should not be able to access other sensitive data on your device.

  • You can also further secure access to sites by setting multi-factor authentication. Many online sites such as banks support two-factor authentication to doubly secure your financial data. Make sure you have it set up on your device and that you know how to use it. You will also want to backup your one-time access codes or recovery keys when you use this option. Don’t just settle for SMS verification, but use something like Google Authenticator or YubiKey

Shop Safely

  • Everyone has heard that you shouldn’t click on linksin an email or on a web site unless you know they are safe. However, about 1/3 of users do it anyway. One way to conquer your curiosity is to know what that link leads to.
    • Hover your mouse over a link and you should be able to see the URL either as a pop-up or at the bottom of your email or browser page.
    • Look at it carefully before you click it. Does it look normal? Is the name too long or does it contain lots of hyphens or numbers? Is it the URL going to the site it claims to link to, or to somewhere else? Does it replace letters with numbers, such as amaz0n.com?
       
  • Look up the URL before you click on it. You can do this by copying the URL of the site you are visiting and drop it into a domain search engine like who.is. This will provide a variety of information, such as when the site was first created, where they are physically located, and information about the owner. Be suspicious of anything that has only been online for a very short time or that is registered in another country.

Pay Attention

Be aware that cybercriminals will go to great lengths to spoof popular shopping sites. However, there are ways to tell if you have landed on a site you need to worry about.

  • Start by look at the website design. Most cybercriminals do not have the time or resources to make an exact duplicate of the site they are spoofing, or to develop their own fake shopping site. A little looking around can go a long way to helping you decide if you should stay or go. For example, does the website look professional? Do the links work, and are they accurate and fast? Are there lots of popup ads? These are all bad signs.

  • Next, read the text on the website. Bad grammar, unclear descriptions, and misspelled words are all giveaways that the site may not be legitimate.

  • Remember that of it’s too good to be true, it usually is. Of course, there are sometimes really great deals for things on the internet. But in general, unusually low prices and high availability of hard-to-find items are red flags for scams and vendors selling knock-offs.

  • Finally, make sure the checkout system accepts major credit cards. Avoid sites that require direct payments from your bank, wire transfers, or untraceable forms of payment. Where possible, use things like PayPal or Verified by Visa payment systems to protect yourself and your assets.

An Ounce of Prevention…

Online shopping and the growing digital marketplace are transforming our world, giving us fast access to a wider variety of things than at any other time in history. However, this expanded landscape comes with real risks that need to be understood.

People looking to take advantage of unsuspecting consumers have been around as long as there have been marketplaces to shop in. Today’s cybercriminals are no different. They are not only technically savvy, they also recognize the latest consumer trends, understand the underlying assumptions shoppers make, and know how to exploit them. However, by taking the time now to educate ourselves and others, we can have a productive – and safe – holiday shopping experience.

Share this post

questions about our services?

Request a free consultation. Fill out the form and we will call you to answer all your questions



Tech Tips, Cyber Threat Mitigation, Cutting Edge Technology, Cost Savings and More!



 

IT Vortex, LLC is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. You will consent to us contacting you for this purpose, by submitting the form.

Apply for this position

Fill out the form below and our hiring team will reach out to you as soon as possible



zoom-logo

We use Zoom extensively to meet internally and externally. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

wasabi logo

Wasabi is offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

vmware logo

Our Datacenter is built on a VMWare architecture. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation. 

veeam green logo

Veeam is offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Trend Micro Logo
Solarwinds Logo

Solarwinds is offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Proofpoint essentials Logo

Fortinet is offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

observe IT Logo

ObserveIT/Fortinet is offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

NEAT Logo

We use NEAT extensively in our offices. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

mitel logo

Our telephone platform of choice. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

microsoft logo

Various Microsoft technologies are offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation. 

ingram micro cloud logo

Our distribution preferred partner for our technology offerings.

Fortinet logo

Fortinet is offered in our Cloud Hosting Platform? We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

DTEN logo

We use DTEN extensively in our offices. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Dropbox logo

We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Dell logo

Dell servers are a key component offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Condusiv Technologies logo

Condusiv Technology is offered in our Cloud Hosting Platform? We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Cisco logo

Cisco Technology is offered in our Cloud Hosting Platform via DUO for MFA. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Barracuda Logo

Barracuda Technology is offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Amazon_Web_Services_Logo

IT Vortex partners with AWS via VMware for the VMware on AWS offering that allows for cloud services fulfillment via AWS utilizing the same VMware products many companies already enjoy the benefits from.

ACTI Logo

Technology Reseller and Distributor, Certified Implementation Expertise with all ACTi products and services. IT Vortex has worked with ACTi for over a decade implementing security camera solutions for a multitude of industries with AI, Facial Recognition, License Plate Recognition, Loitering Detection, Cloud storage, and more.

questions about our services?

Request a free consultation. Fill out the form and we will call you to answer all your questions



microsoft logo

Name of the partner

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Ut enim ad minim veniam, quis nostrud exercitation ullamco. Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Ut enim ad minim veniam, quis nostrud exercitation ullamco Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Ut enim ad minim veniam, quis nostrud exercitation ullamco. Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Ut enim ad minim veniam, quis nostrud exercitation ullamco

Security as a Service (SECaaS) by IT Vortex

Pricing Calculator

Choose a service, answer a few simple questions, and receive an individual quote for our services

User count by type

Fill out the form and we will call you to answer all your questions