Internet Protection Tips and Warnings


Online Shopping Season: What You Need to Know to Protect Yourself

Online holiday shopping continues to grow in popularity. Shoppers are expected to spend nearly $62 billion online throughout this holiday season, up more than 15 percent from 2012. The use of mobile devices for online shopping is projected to reach almost $10 billion for the 2013 holiday season1, as more consumers are using these devices to compare prices, research products, locate stores, and make purchases to a larger degree than ever before.

Whether conducting transactions from a desktop, laptop or mobile device, keep these tips in mind to help protect from identity theft and other malicious activity throughout the year:


Secure your computer and mobile devices.
Be sure your computer and mobile devices are current with all operating system and application software updates. Anti-virus and anti-spyware software should be installed, running, and receiving automatic updates. Ensure the use of a strong and unique password not used for any other accounts. Set a timeout requiring authentication after a period of inactivity.

Use mobile applications with caution.
As devices such as smartphones and tablets, continue to gain popularity, so too will the volume of attacks against them. Malware could be downloaded onto the device from seemingly legitimate shopping apps that can steal credit card and other sensitive information for transmission to cybercriminals. Update all apps when notified, and disable Bluetooth and Near Field Communications when not in use to reduce the risk of your data being intercepted.

Know your online merchants. Limit online shopping to known and trusted merchants. Only go to sites by directly typing the URL in the address bar. If unsure about a merchant, check with the Better Business Bureau or the Federal Trade Commission. Confirm the online seller’s contact information in case there are questions or problems.

Consider using an online payment system or credit card. Where available, consider using online payment services, which keeps credit card information stored on a secure server, and then allows a customer to make purchases online without revealing credit card details to retailers. If paying online directly to the retailer, use a credit, not debit card. Credit cards are protected by the Fair Credit Billing Act and may reduce liability if information is used improperly.

Look for “https” before you click “Purchase.” Before you submit your online transaction, make sure the webpage address begins with “https.” The “s” stands for secure, and indicates that communication with the webpage is encrypted. A padlock or key icon in the browser’s status bar is another indicator. Remember to make sure the browser is current and up-to-date.

Do not respond to pop-ups. When a window pops up promising cash, bargains, or gift cards in exchange for a survey response, close it by pressing Control + F4 on Windows devices, or Command + W for Macs.

Do not use public computers or public wireless access for your online shopping. Public computers and Wi-Fi hotspots are potentially insecure. Criminals may be intercepting traffic on public wireless networks to steal credit card numbers and other sensitive information. Care should be taken that the computer or device settings prevent it from automatically connecting to Wi-Fi hotspots.

Secure your home Wi-Fi.
Make sure to control who has administrative access, and that any users on the network authenticate with a strong password. Encryption settings should be enabled and strong—using WPA2 is recommended.

Be alert for potential charity donation scams
. Cybercriminals try to take advantage of people’s generosity during the holiday season and can use fake charity requests as a means to gain access to information or a computer/device. Think before clicking on emails requesting donations. Do not give financial or personal information over email or text. Contribute by navigating to the trusted address of the charity, never through a link in an email. To check if an organization is eligible to receive tax-deductible charitable contributions, visit the IRS website.

Contact the seller or the site operator directly to resolve any issues. You may also contact the following:

Your State Attorney General’s Office
naag.org/current-attorneys-general.php
Your State Consumer Agency
usa.gov/directory/stateconsumer/index.shtml
The Better Business Bureau
bbb.org
The Federal Trade Commission
ftccomplaintassistant.gov

For More Information:
For additional information about safe online shopping, please visit the following sites:

US-CERT

us-cert.gov/cas/tips/ST07-001.html


OnGuard Online

onguardonline.gov/articles/0020-shopping-online


Microsoft

microsoft.com/security/online-privacy/online-shopping.aspx


Privacy Rights Clearinghouse

privacyrights.org/Privacy-When-You-Shop


Internet Crime Complaint Center

ic3.gov/media/2010/101118.aspx

Internal Revenue Service
irs.gov/Charities-&-Non-Profits/Exempt-Organizations-Select-Check

1emarketer.com/Article/Mobile-Devices-Boost-US-Holiday-Ecommerce-Sales-Growth/1010189

Source: Center for Internet Security & Integrated Intelligence Center Multi-State Information Sharing and Analysis Center, “Online Shopping Season: What You Need to Know to Protect Yourself ,” Monthly Security Tips Newsletter, Volume 8 Issue 11, November 2013 (msisac.cisecurity.org/newsletters/2013-11.cfm)