The holiday season started with black Friday (in the US at least) and millions of people flock to online retailers hoping to snag a once-in-a-lifetime deal. Where there are hordes of people, there are criminals looking to take advantage of unsuspecting netizens.
So how can you stay safe? Here are some tips:
- Risky WIFI - Free WIFI may be tempting but I strongly recommend you stay away from them (unless you have a VPN solution) because someone may be sniffing your traffic looking for passwords or credit card information. It is recommended to do your shopping while in the safety of your home network.
- Don't click on that email link - Stores will be bombarding you with links to their special promo pages and criminals know this. They will often craft email attacks that look like they are coming from a reputable store but instead direct you (when you click) to their "evil" site. Type the retailers URL manually in your browser.
- Buy from trusted sites - In additional to creating fake Amazon like store-fronts, criminals sometimes set up entire fake online retailer storefronts complete with email marketing to SPAM lists they buy trying to lure you into giving them your credit card information. They do this by offering deals that are "too good to be true". If something is too good to be true it probably is. Only shop online from known and trusted retailers.
- Use strong passwords - This is a great time to make sure you are using long, complex and unique passwords. I recommend storing your passwords with a free tool called Lastpass (link). This is my preferred solution because it is online, secure, easy and free. I generate unique and strong passwords using a little known feature of Wolfram Alpha, instruction are provided here (link).
- Pay with plastic - Most credit cards have very consumer centric fraud protection limits therefore I recommend you make all of your online purchases with it (not debit cards which provide direct access to your bank account).
- Save purchase Information - Keep a record of all online purchases. This information will help you in the event of a fraud complaint or just to ensure the retailer treats you fairly. I recommend keeping:
- date - time
- exact model number, price and quantity
- exact copy of final invoice
- any shipping or tracking numbers
- customer support contact information
- Regularly Check your bank statement - This the season of fraud so it is a good idea to check your bank statement for irregularities at least once a week (until end of January).