In any other year, many of us would be
gearing up for airline travel, big family dinners, cocktail hours or potlucks
with friends, and much more. But with all the challenges this year has brought
in terms of how we work and connect during a global pandemic, I’m guessing all
our plans look a little different than we thought they would.
Since most of us are now online more
than ever before for work, school, personal connection, shopping, etc., it’s
critical that take extra steps to keep our digital selves safe. With that in
mind, we’ve put together a list of 6 (ish) tips to help you and your family
stay safe online this holiday season, no matter how or where you celebrate it.
1. Watch out for an increase in scam emails and websites
What follows are just a few of the ways scammers may target you this holiday season. We recommend you install easy-to-use tools such as Fakespot, which is an add-on that protects consumers by detecting fraudulent product reviews and third-party sellers in real time, to help you avoid the fakes.
- Flash sale alerts
During the holidays, the number of promotional emails you receive is likely to go up as online stores run flash sales. With that in mind, scammers are likely to up their game, mimicking legitimate offer emails and websites in the hopes that your desire for a sweet deal will pay out for them. Use extra caution and don’t click anything in an offer email. Go to the retailer’s official website (type it directly into your browser instead of clicking a link in an email) to help ensure you’re shopping securely.
- “Free” gift cards
You may get offers for “free” gift cards to online retailers, such as Amazon, Walmart or Target. Remember: very little in life is free. This is another way that criminals may try to trick you into downloading malware or exposing sensitive information that they can use to steal your money or identity.
- Fake “missed delivery” notices
Since 94% of people are shopping online more or about the same as they were pre-pandemic, fake package notifications are another way that cybercriminals may target you. If you receive an email or text message about a missed delivery, be sure to double-check the details, such as the shipper (for example, maybe you’re only expecting a Prime or USPS delivery, so a FedEx notification should throw a red flag), the tracking numbers, etc. And, of course, don’t click or download anything in the text or email message itself
- Discounts so deep they can’t be real
If you see an ad or email for a high-ticket item that suddenly costs less than 10% of the regular retail price, it’s practically guaranteed to be 100% fake. Let’s face it: there’s just no way you’re going to get real Ray-Bans for the low, low price of $24.99.
2. Use caution with your charitable donations
It’s the giving season and, thanks to the pandemic, natural disasters, and other current events, there are plenty of people in the world who could use a little extra help. Good on you for contributing to the public good! Unfortunately, not even charities are sacred to scammers, and they will take advantage of your desire to help others.
It’s critical to do your research! We
recommend you visit trusted organizations, like Charity Watch,
to learn more about the charities you’ve chosen and their efficiency,
governance and accountability before committing money. Additionally, be
suspicious of aggressive pitches including multiple calls and emails or tactics
that require immediate donation. Lastly, never pay by gift card of wire
transfer. Use a credit card instead, as it’s easier to track and recover
3. Research your smart devices
When we say “smart devices,” we don’t just mean things like Alexa or Google Home. There are internet-enabled fridges that tell you when you’re low on groceries, let you hear and speak to someone at your front door, function as a baby monitor, and even tell you when your laundry’s done. There are also smart thermostats, garage door openers, light fixtures, and so much more. All of these gadgets form a network of connected devices known as the Internet of Things (IoT). And each one could potentially let a hacker into your home network.
Be selective when it comes to purchasing connected smart home and IoT devices. Choose reputable brands that include security, such as the ability to change passwords and perform firmware updates. Cheaper knockoffs of name brand devices might be easier on your wallet, but they are often designed without security in mind. Additionally, since the business model for knockoffs is typically to turn a profit as quickly as possible, there’s no guarantee the device manufacturer will even be around in a year or two to send out security updates or offer support if your device malfunctions
4. Secure any new tech toys right away
Get a cool new gadget in the family gift swap? (Or buy something awesome just for yourself? Don’t worry, we won’t tell the kids.) Protect that tech investment by installing security right away. It’s not the most exciting thing to do with a new toy, but it’ll help make sure you get to enjoy it without worrying about malicious actors joining in on the fun
5. Use reputable video chatting services to connect with loved ones
When planning your virtual holiday get-togethers, use trusted video conferencing providers like Zoom, who have paid close attention to security issues this year and adapted product defaults to enable safer user experiences. Also, be cautious of any websites that request permissions from your browser to access your camera and microphone. If you get one of these notifications, close out of your browser. Do not engage with the permissions request in any way
6. Remember the basics
We’ve said it before, we’ll say it again. Good online habits are your best defense – and it really doesn’t take much effort to keep yourself and your family safe
- Use strong, unique passwords for all your accounts and don’t share them. Length is strength, so passphrases are a good help.
- Install virus protection on all your devices and keep it up to date.
- Use a secure cloud backup.
- Connect to the internet using a VPN, even on your home network (and especially if transmitting sensitive info, like credit card numbers or online banking details.)
- Keep your device operating systems up to date so you have the latest patches against exploits.
- Don’t enable macros. Ever. If a document or website asks you to enable macros or hidden content or “allow access”, just don’t do it. There are very few legitimate reasons for documents or websites to request these permissions.
- Keep a close eye on your financial accounts and look out for any fraudulent activity.
Here’s wishing you a safe and cyber-secure holiday season!
Keep an eye on the Webroot Blog and the Webroot
Community for more tips and news on the latest cyber threats.