Thanksgiving holiday planning is well underway in the US as is the holiday season that follows. It is gearing up to be a bumper sales cycle this year. This year will not be any different than previous ones in that in addition to great deals there will be bad actors attempting to play the role of good ole St. Nick with nothing but a bag of malicious code for the girls and boys.
One of the biggest online sales days of the year in North America is called Black Friday and it brings out amazing savings opportunities it also brings out the opportunists. This is where it becomes incumbent upon the shopper to exercise some caution.
1. Track your spending. The holiday season can be a blur of hopping from site to site and store to store. Be sure to check your credit card statements to be certain that that line up with your actual purchases.
2. Use reputable retailers. If you're unsure of a retailer don't take the risk. Look them up at the Better Business Bureau (http://www.bbb.org) or better yet, go elsewhere if you're have any hesitation. No need to put your finances at risk to save an extra $2 on that widget or grapple grommet.
3. Be judicious in your information disclosure. If you're buying something online take caution that you're not offering up more information than is absolutely necessary. Case in point, I was shopping at a national clothing store a couple years ago and the clerk was insisting that customers had to disclose their Social Security Number in order to complete the purchase as this was part of their current promotion. I declined and advised other shoppers in line that they shouldn't disclose their Social Security Number.
4. Password reuse is a huge problem. There really is no technical solution to this item as this rests with the user. When shopping online almost every site out there asks you to create an account with the option to store your credit card information. If you do this be sure to not use the same password as you do for any other account such as the one you use for banking. One of the issues that we have seen here at Akamai is a growing number of credentials being reused on multiple sites. Once a site gets compromised by an attacker they then end up replaying this login information on other online retailers. Ask yourself for a moment, why would you use the same username and password on a social media site as you do for banking? Let that sink in for a moment.
5. Check yourself before you click that link. Did you receive an email which appears to be from a retailer offering you a deal that is too good to pass up on? Well, quite possibly there is a good reason for that. When you receive a deal that offers you, as an example, a $200 gift card for filling out a survey I would hope that alarms bells sound the alert. Be sure to use your better judgement before you chase after an offer that is possibly little more than a lure.
Akamai offers services like the Kona Security Suite to help secure online retailers from attackers to better protect themselves, and ultimately you.
Tis' the season. Just be careful out there.
(Image used under CC from Cubosh)