The following is a guest contributed post from Gary Miliefsky, Founder of SnoopWall Inc.
October was National Cyber Security Awareness month and during that time, millions of online identities were stolen in America with more than 200 published breaches.
We’re now getting close to 1 billion records of identity theft – more than three times our entire population in the United States.
Nearly two-thirds of Americans have heard, read or seen something about online safety and security issues recently, according to StopThinkConnect.org. Yet consumers also say they don’t take steps to stay safe online because they lack information or knowledge.
So here are my best tips to help you enjoy the Christmas shopping experience without losing your privacy and identity or putting your children’s safety at risk:
• Change your passwords – all of them. Do it now and do it as frequently as you can tolerate. If you don’t want to change them often, then use any unique characters you can think of, such as a dollar sign ($) or an exclamation mark (!) or replace a letter “O” with a 0 (zero). This goes a long way in preventing brute force attacks against your password. Also, never trust anyone on the phone who asks for your password, especially if they called you. The same holds true with emails. Both the telephone and email are used by people who try to get your password by pretending to be the IRS, your bank or someone else you have an account with.
• Clean up your apps. Assume most of your smartphone or tablet apps are malware that spies on you and your online behavior. Do you really need them? Delete any apps you don’t use often. Replace apps that take advantage of too many of your privacy settings with similar apps that don’t. On an iPhone, you’re not being eavesdropped on until you run the app.
• Shop online only from websites you trust. If you don’t know where the merchant is located, don’t shop online there. If they don’t have a corporate address or are located in another country, it could be iffy whether you ever see the goods you think you purchased. Also, if their shopping-cart experience is not an HTTPS browser session, then everything you type in ¬– your name, address and credit card information – is going over the Internet unencrypted, in plain view.
Never buy online using your credit card on a site that doesn’t have SSL (secure sockets layer) encryption installed. It’s easy to tell you are in a secure, encrypted session. You should see an icon of a locked padlock in your browser and the website URL starts with HTTPS not HTTP. Also, if you receive emails from the merchant, no matter the reason, don’t give them your credit card information over email.
• Don’t use cash or debit cards. You have three major choices when shopping – cash, credit or debit. In rare but growing instances there’s even a fourth option called “Bitcoins,” which are now accepted at some merchants including Overstock.com. Bitcoins could be considered the equivalent to the cash option, because once used, you can’t get them back. So, if you have to choose among these options, the best is the credit card.
Here’s why: If you experience identity theft, credit card laws allow you to keep all of your credit immediately, with no responsibility during an identity theft or fraud investigation. With a debit card, your bank’s policy can be to tie up your money in the amount of the fraudulent transactions for up to 30 days. Some have been known to take up to 60 days to resolve the issue.
• Don’t use public WiFi without using SSL encryption. Public Wifi networks can be a hacker’s dream. If they want, they can see what websites you are visiting and insert malware into your computer or other device. The hacker also has access to any information you are sending out over the Internet, which could include credit card numbers or other critical information.