Cyber Monday has come and gone (is today, "I Bought WHAT Tuesday"?), but for most of us we've just started shopping for holiday gifts for friends and family. Increasingly this means firing up the ole browser and shopping online. But alongside the growth of online-only deals is an increase of online crimes via phishing scams. So we asked a security expert to offer tips on how to avoid taking the bait and becoming the next victim of online theft...
Sean Sullivan, security advisor for F-Secure, the internet security software company offered this beginner primer on smart browsing and online shopping habits. Memorize and practice these tips before ever pressing "Buy":
• Always check the site's URL. Ensure the site you're on is the correct online store before sharing any personal information.
• Be extra careful when checking email on your phone. The way many smartphones display mail has given phishing scams new life because many phone web browser's cut off URLs, which can make it easier to hide a spoofed web address. Many phones hide the URLs all together to conserve space on the screen, so get in the habit of typing out the actual address versus Googling the site and clicking the link within the search options.
• Make sure the URL contains httpS://. Remember the "s" stands for "secure" while browsing online. This is the same type of secured and encrypted communication you likely use when connecting between yourself and your banking site or ecommerce site like Amazon. Don't share any important information unless you see that "s"!
• Go with your gut. If you have to ask yourself, "why are they asking for that?" close your browser and contact the institution. There have been some accurate looking scam sites in the past, built entirely to collect personal information
• Browse Securely. Make sure the anti-virus software you have (be sure you do have one) is not only updated, but also offers browser protection, which verifies each link and website you're about to visit before you actually get directed to it.
• Don't click on any links from your bank. With all your online purchases and verification emails flying to your inbox, take the time to go to your bank's site to investigate any messages you receive vs. clicking on the supplied link.
• Call your bank to verify any messages you receive. Phishing emails are often sent out stating your information has been "compromised" and may direct you to a false site to input your account information.