Remember that cybersecurity breach Yahoo announced back in September 2016, reporting that 500 million user accounts had been hacked two years earlier? Earlier this week, the company outdid itself by reporting it also had been breached (in what seems to be a separate attack) in August 2013—and 1 billion accounts were compromised.
By Paul Romeo, NYSTEC Information Security Consultant
Being a safe and secure shopper starts with taking security precautions and thinking about the consequences of your actions online. Remember the following tips:
- Use websites with trusted names and strong reputations. Well-established retailers usually have more robust online security.
- Use credit cards instead of debit cards. A compromised debit card will enable access to your money, but a compromised credit card will only expose the bank’s money, and the consumer is typically not responsible for purchases they did not make. Just be sure to regularly check your statement and notify your credit card company of any suspicious charges. Whenever possible, use a payment service like PayPal.
- Look for the “https” URL and the padlock symbol. The “s” in “https” stands for security. It signals that the site uses encryption.
- Avoid using public WiFi for online shopping. Public WiFi is easily compromised. In public, you are better off using your cell phone network with WiFi disabled.
- When in doubt, throw it out. Don’t click on links in emails, texts, or social media posts. Links are the most popular means for cybercriminals to install malware on devices.
- Make your password a sentence. These days, your password should be more than 15 characters long. Using a remembered sentence mixed with letters, numbers, and symbols is a good way to create a password that’s difficult to crack. Avoid using birthdays or anniversary dates.
- Use different passwords for different accounts. Don’t use the same password twice. If you reuse the same password, hackers need to steal it only once to access all your accounts.
- Multi-Factor Authentication. Use strong authentication tools. Google and Apple allow two-step verification by sending a one-time PIN to your cell phone coupled with a password while logging in.
- If possible, use a separate computer for online shopping and banking. Most viruses and malware are transmitted through casual web browsing. If possible, use one computer or device for web surfing, email, and social networking, and a different computer for online banking and shopping.