6 Security Tips for Staying Safe While Holiday Shopping
Nothing beats being able to shop from the comfort of your own home! But with the holiday season in full swing, keeping your information secure may be harder than you think. The increased number of transactions during this time could leave you as a prime target for a malicious hacker. Have no fear, we are here to help! Read on to discover 6 security tips for holiday shopping.
Why Security Matters
Consumers are shopping more online than ever before, and mobile shopping is growing. According to a study conducted in 2018 by Ibotta.com, nearly 50% of consumers shop more on their mobile devices than in stores. The ease of this process might serve as a perfect disguise for hackers to steal your transaction data, especially information from payment processing. In most cases, the payment process contains credit card data, name, address, email and phone information which is like a pot of gold for a cyber thief. Your information falling into the wrong hands could lead to identity theft, fraud or phishing attacks.
Keep in mind that security matters on both sides of online transactions (as discussed in our Security Back to Basics webinar). Whether you’re a ski area or a performing arts center, your patrons will likely be looking for these indicators, so be sure you are offering them a safe and trusted shopping experience.
Here are some tips to help protect yourself while shopping online:
1. Patch Your System
CyberShark defines a patch as “a small adjustment to the code of the software you’re using. A patch updates one component of the software.” Unpatched computer software is a common cause of malware infections. Online shoppers are at increased risk because of this, due to the sensitive information involved. Always update anti-virus and malware protection software and ensure your browser is up to date before shopping online.
2. Shop at Websites You Trust
Shop on reputable sites that use a secure connection. Secure sites will have a small lock icon in the left corner of the URL bar which tells you that the website you are on is protecting your data in transit. If you do not see the lock or “https” in the URL then the webpage is insecure, and you should avoid using it. Even after confirming your site has a “lock”, you should also make sure the URL for the site you are shopping on is a reputable one. Malicious hackers sometimes set up their own fake shopping websites to lure unsuspecting individuals into buying fake products.
3. Avoid Using Debit Cards
Avoid making online payments with your debit card. Since debit cards are linked to your bank account, you are at a higher risk if an attacker is able to hack your data. Credit cards offer increased protection and lower liability if a number gets stolen.
4. Use a Digital Wallet
Consider using Apple Pay or Google Pay to make payments where available as they offer better protection against credit card fraud. These digital wallets obscure your payment information so that all the merchant receives is a unique, one-time code good only for that transaction. If a hacker gets their hands on this information, they won’t have access to your real credit card details.
5. Use your device’s data plan or a VPN
Always use caution when connecting to Public Wi-Fi. Thieves can sometimes create Wi-Fi hotspots to trick you into connecting to it. Once you’re connected, they can intercept the data from your device and even from the websites you are visiting. In many cases, information that an identity thief would love to have is transmitted while shopping online, including name, address, email and credit card numbers.
One major way to cut down on malicious access to your phone through a public Wi-Fi network is to avoid them altogether. Sticking to your device’s data plan when in public could be your best bet. If you are using a tablet, create a Wi-Fi hotspot from your personal mobile phone. Consider using a virtual private network or “VPN.” A VPN is highly recommended to protect your data on public Wi-Fi networks. There are numerous VPN providers for mobile users. In most cases, it is as simple as downloading the app on your device, allowing VPN access to the application and clicking a button to start the VPN service. From there, data is protected in transit preventing eavesdroppers from getting to your data.
6. Be very cautious about clicking on links in your email
The holidays are a prime time for email scams. Scammers send out viruses and malware to a user’s inbox under the guise of a great deal or offer. Do not open emails from people you don’t know, or sites you haven’t visited. Sometimes, these emails will appear to be coming from your bank or another financial institution and state there is an alert or problem with your account. Always verify these messages by calling the bank/financial institution to verify any potential problems, and never enter your account information in response to an email like this. Beware of links to offers or deals that sound too good to be true. If you are tempted by a deal, do some research to find out if anyone else has taken advantage of the deal before clicking, as the message could be malicious and infect your system with a virus or malware.
As a venue, you can also help guests avoid untrustworthy websites by training them to go to your secure website directly. (Read our blog on how to help your patrons avoid ticketing scams for more information). Whether you are a performing arts center, water park or local festival, don’t be afraid of being proactive and educating the general population on how important it is for your patrons to purchase tickets from your box office and not any third-party resellers. This can greatly cut down on fraudulent activity. The holidays are supposed to be a time to enjoy family and friends. Do not let these times be ruined by falling victim to some of these attacks. Stay vigilant and enjoy your holiday season.
Does your ticketing system give you the tools you need to protect your guests’ transaction data? Contact us today to learn how you can secure your system and sell more tickets and increase revenue with our accesso suite of solutions.
Information Security Analyst
William Quinones leads the Governance, Risk and Security Compliance programs at accesso, William specializes in vulnerability management, security education, program design and architecture, compliance, privacy, and enterprise risk. William has 17 years of Information Security experience, holds a B.S. in Information Systems Technology (cybersecurity specialization) and maintains the CISSP, CEH, CPT, CASP and PCIP certifications. William is also listed by CompTIA as a subject matter expert for his assistance in the development of the CompTIA PenTest+ certification exam.