Cybercrime and financial fraud cost consumers trillions of dollars annually with no signs of slowing down! HFCU is committed to helping you protect accounts, prevent fraud and make your holiday shopping experiences a little safer. These ten helpful tips will reduce the chances you will be targeted, and if you are targeted, mitigate the impact to you.
Shop from your own device, not a borrowed or public device like at the business center at a hotel. You can’t rely on the security someone else has put in place.
Don’t shop over public Wi-Fi unless you are using a secured VPN (virtual private network) which secures that connection. Using that unprotected Wi-Fi increases the chances that cybercriminals can monitor your communications and intercept account passwords or credit card numbers.
Shop at reputable sites. Stick with brand name sites you recognize.
Don’t click on links in emails. The use of phishing emails is one of the most common attacks used by cybercriminals. Studies indicate that victims tend to open phishing emails between 25 and 30 percent of the time, so attackers continue to use them. You may receive a legitimate-looking email, from what appears to be a legitimate retailer, but deciding to click that link dramatically raises the risk that you will be successfully targeted by such an attack and exposed to a variety of malware and other attacks. It may be slightly less convenient, but you are almost always better off manually typing in the store’s URL.
Only enter your credit card details into secure sites. If the site does not support HTTPS (or does not show the lock on the browser window), it is possible for cybercriminals to intercept the credit card information you enter. That indicates the site has made a conscious decision NOT to support good business practices and additionally may very well be a fraudulent site.
Use a credit card instead of a debit card. Most credit cards have lower fraud limits, which helps limit the amount of money (if any) for which you might be responsible.
Many credit cards allow you to set limits and thresholds from your online account. For instance, you might set a limit on a single transaction of $500, or you can request verification of such a transaction. So, a $500 charge is either automatically rejected, or it generates a text message, or message to the card’s mobile app, which allows you to manually authorize the transaction. This can improve the chances you will recognize attempted fraud exactly when it happens and can limit the size of the impact.
Make sure your own system is secure. This applies to whatever system you are using to shop. While not everyone can harden a system, there are basic controls which are available to pretty much any user. Apply patches and upgrades and ensure whatever malware solution you are using is up to date. These actions can dramatically reduce the number of ways a cybercriminal has to attack your device.
Use good online practices. This one is harder, but the important part can be condensed into a single statement: use good passwords. Every important online site which holds your credit card or other important data should have their own, unique password. While it is impractical to make those passwords random, it is not difficult to make them practical. The danger in overusing the same (or similar) passwords is that if a cybercriminal captures your password for a particular retailer, then all sites at which you use that same password are now vulnerable to that same cybercriminal accessing your data.
Check your credit card statements regularly. During the high-use shopping timeframe between Thanksgiving and the end of the year, don’t be bashful about checking your credit card statements every couple of days, and checking “recent transactions” to identify any fraudulent activity. If you find a charge which is not yours and appears fraudulent, don’t waste time –report it via the card’s online portal, mobile app, or by calling the card’s customer service line. The quicker you report fraudulent activity, the faster you can protect yourself, and others, from additional fraudulent activity.