While Americans are finishing up Thanksgiving festivities, online retailers are getting ready for Cyber-Monday. Since the era of the internet, the first full work day after Thanksgiving has become the biggest online spending day of the year. Last year Cyber-Monday sales hit a record $2.26 Billion and are expected this year to hit $2.6 Billion for a 15% YOY increase.
It’s been a rough year in the world of cyber-security to be sure. Last year at this time Target got hit with what was then the biggest retail hack in U.S. history, until this past fall Home Depot succumbed to an epic attack that compromised 56 million credit cards. If these major retailers have taught us one thing it’s that no one is invincible to credit card fraud. There are too many cyber-thieves out there itching to steal your information. So when looking for those great deals this Monday, please be extra vigilant and take precautions to avoid getting scammed. Here are some quick tips to keep in mind as you shop online.
Protect your computer: Make sure to install the latest anti-virus and anti-spyware software on your desktop and mobile devices. Check for the latest updates and make sure to run virus scans regularly.
Only shop at stores you know and trust: This almost goes without saying. But as you’re in cyber-space shopping for those great deals, remember that cyber-thieves are counting on getting you to their fraudulent sites. Be wary of strange and unfamiliar “merchant” sites with deals too good to be true.
Only purchase from secure sites: Before transacting any online purchases, please make sure the website begins with “https.” The “s” stands for secure, and indicates that communication with the webpage is encrypted. A padlock or key icon in the browser’s status bar is another indicator that the site can be fully trusted.
Avoid pop-ups: Be careful of windows that pop up on your device promising you cash, bargains, or other incentives in exchange for your response to surveys or other questions. These can be a magnet for cyber-thieves trying to get access to private information.
Avoid public computers or public Wi-Fi for your shopping: Shopping online over your favorite local Wi-Fi hotspot can be asking for trouble. There are many tools out there that hackers use to snoop on other people’s browsing session. Another trick mentioned in this article is that hackers set up rogue hotspots, often with names like “Free Public Wi-Fi,” which unsuspecting people will then think are legitimate. So avoid shopping on public Wi-Fi connections if possible.
While there’s lots of advice out there about shopping securely on Cyber-Monday, most everything is targeted to the consumer. However, retailers and small business owners should take precautions as well, especially in making their infrastructure safe and secure against cyber-thieves. Please use this Cyber-Monday as an opportunity to review your cyber-security strategy, or to adopt one if you haven’t already done so.
Regularly update anti-virus software: While budgets are tight the risks of not having your network secured with the appropriate firewall and business class anti-virus technology far outweigh the costs. Ensure that your software is updated with the latest patches and that all applications, email programs, and browsers are covered.
Require stronger passwords: Make sure that all employee accounts are protected with strong passwords and limit administrator privileges only to employees that absolutely need this access. Require passwords that are long and contain many numbers and symbols as this helps protect against the likelihood of unwanted access to proprietary assets.
Secure your browser: Web browsers are one of the biggest points of security vulnerability. Malware frequently hitches to ads and other unreliable downloads and can inject viruses into your computer, putting your data at risk. Ensure that you only transmit personal information over a secure connection and always use an HTTPS connection when accessing the internet from a device with company information.
Change router default security settings: Router manufacturers often use the same default login information such as “admin” or “password” or some simple word. Since these are known to hackers, it’s important to change the default settings immediately upon setup.
Frequently backup your critical data: This should seem self-evident but it bears repeating. Set your system to automatically backup all important data such as financial records, legal information, customer account information, and proprietary databases.
Educate your staff: Education is the best policy for improving security awareness and effectiveness among your employees. Holding an annual compliance review to help enforce the importance of password protection and outline company security policies will go a long way to protecting the organization’s assets. National Cyber Security Awareness Month occurs every October and is a strategic time to get your staff onboard with the latest security best practices.