While phishing and other scams that target your data are increasingly common, the holiday season is always a time to be especially alert.
Phishing and Other Social Engineering Attacks
Social engineering uses social skills and human interaction to gain access to a computer or network, or obtain data. The increasingly common scam involving people calling you and pretending they represent the IRS and you need to make a payment to avoid being arrested is a social engineering scam. It relies on human error rather than a weak spot in a computer system.
The new wave of attacks involve text messages containing links to webpages or contact information that can be clicked on, opening you up to malicious activity. There are steps you can take to prevent falling victim to a social engineering attack.
- Do not provide information about you or your company in response to an email, phone call, or text message if you are not sure of the identity of the person or their organization.
- Contact the organization directly to confirm the identity of the individual.
- Be alert for suspicious sender’s addresses, generic greetings, suspicious attachments, and/or poor spelling and grammar or layout.
- Maintain anti-virus software, firewalls, and email filters to avoid as many phishing emails coming through as possible.
Shopping Online
Common scams with online shopping involve creating emails/websites which look like they’re from a reputable store and targeting insecure transactions. Ecommerce is predicted to account for $136 billion during the 2019 holiday season. With all those online purchases, there are a few best practices to use to protect your information.
- Make sure you’re ordering from a reputable vendor – double check the names, logos, etc. are accurate.
- Be sure your information is being encrypted – the website URL should begin with “https” and have a closed padlock icon.
- Only make purchases from your home/office or cellular network, never on public Wi-Fi.
- Use a third-party payment method like PayPal or Apple Pay when possible.
- Otherwise, use a credit card rather than a debit card – if the number is stolen, the money won’t be taken directly from your bank and there’s more legal protections regarding fraudulent credit card activity.
- Keep a close eye on your credit and bank statements to ensure they match your purchases throughout the season (and the year).