Fortinet has reminded festive online shoppers that one of the best ways to ensure a safe cybershopping experience is to prepare for it. Among many key moments in a year, every festive season sees spikes in online criminal activity, ranging from phishing scams, fake shopping sites, and credit card skimming software, to malicious and compromised applications being posted in online app stores.
Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet, “Online shopping and the growing digital marketplace are transforming our world, giving us fast and safe access to a wider variety of goods than at any other time in history. However, this expanded landscape comes with real risks that needs to be understood. Cybercriminals are not only technically savvy, but they also recognize the latest consumer trends, understand the underlying assumptions shoppers make, and know how to exploit them. However, by educating ourselves and more importantly by implementing recommend best practices we can have a safe shopping experience.”
Fortinet advises shoppers to go the extra mile and implement safe practices to enjoy a happy and secure shopping this festive season.
1. Get Ready with the Basics:
• Start by making sure your devices, software, browsers, and applications have all been patched and updated to the latest versions. It is especially important that you are using updated and patched operating systems on all your devices.
• Make sure that your devices have security tools li ke antivirus and VPN installed and that you know how to use them.
• Get your passwords under control. Update older passwords with newer ones that are harder to guess but easier to remember. We recommend using passphrases -a passphrase is a sentence that is easier to remember, but very difficult for hackers to break. For example, “My voice is my passport.” Not all websites support passphrases, spaces in passwords, or long passwords. For added security add special characters and numbers to your passphrase.
• Don’t use the same password for different accounts. If needed, use a password vault that keeps track of all of your passwords.
• Shop with your credit card and not with your debit card. Many credit cards include fraud protection. They can also be blocked without freezing your other resources.
2. Go the Extra Mile:
• Every browser supports secure transactions using SSL encryption. But to be safe, make sure your connection is secure before you click the “Buy” button. You can do this by looking at the URL bar of your browser and making sure that the address starts with https:// rather than http://. You can also look for the little lock icon on your browser. These means that your transaction is protected.
• When possible, shop using a VPN (virtual private network) connection. With a VPN even if your communications are intercepted, they will be useless to cybercriminals because your data is encrypted. If you are going to be online in public places frequently, there are a number of low cost/no cost VPN services that will ensure that your connection is always protected.
• For more technical users, consider setting up a VM on your computer just for shopping. That way, if you happen to get infected it will be isolated to the VM and criminals will not be able to access other sensitive data on your device.
• You can also further secure access to sites by setting multi-factor authentication. Many online sites support two-factor authentication to doubly secure your financial data. Make sure you have it set up on your device and that you know how to use it.
3. Pay Attention & Shop Safely
• Look up the URL before you click on it. You can do this by copying the URL of the site you are visiting and drop it into a domain search engine like who.is. This will provide a variety of information, such as when the site was first created, where they are physically located, and information about the owner. Be suspicious of anything that has only been online for a very short time or that is registered in another country.
• Finally, make sure the checkout system accepts major credit cards. Avoid sites that require direct payments from banks, wire transfers, or untraceable forms of payment. Where possible, use digital wallets or Verified by Visa payment systems to protect yourself and your assets.