Shopping online is a convenient way to get what you want when you want. It’s also much less expensive than going to the store or mall. However, before making your purchase, you should be aware of some risks involved with shopping online. We’ll discuss how cyber security best practices can help keep your information safe when shopping online.
1. Update your software and devices
Most cybercrime is related to outdated hardware and software. For example, older operating systems are easy targets for ransomware because they cannot be updated with the latest security patches. Obsolete hardware may not have all the updates necessary to protect you from malicious sites or bots. Such updates may be available only by managed IT services like Microsoft and Apple. IT security experts recommend keeping your computer and mobile devices updated with the latest security patches and system updates.
2. Use a virtual private network
A virtual private network, or VPN, helps keep your data secure while browsing online. VPNs encrypt all web traffic passing between your computer and the VPN server, which masks your IP address among thousands of others on the network. No one can identify that it’s you making online purchases or accessing other sensitive information because they see just an encrypted string of numbers instead of your actual IP address.
3. Don't use public Wi-Fi
Most public Wi-Fi networks aren’t encrypted, which means that anyone who wants can see what you’re doing online while using this network. The National Security Agency warms that public Wi-Fi is not configured securely, making users more vulnerable to compromise. An example of exposure includes hackers trying to steal your information by installing malware on your device. While it may seem convenient to browse online while out shopping or at a restaurant, don’t do it unless you’re using the hotspot from your provider. And even then, try not to use sensitive sites such as shopping, banking, or websites that ask for your login and password. Instead, use it for things like social networking that don’t require you to enter personal information.
4. Be suspicious of anything that is "too good to be true"
Cybercriminals will often use an email address that appears similar to a trusted institution or company to trick you into giving out personal info. For example, don’t believe it if you get an email from what looks like Paypal asking for your login and password because there’s something wrong with their system. Legitimate companies would never ask for this information through email. Also, watch out for emails claiming problems with your account that require you to give them more information to solve the issue. If you suspect a suspicious email regarding your account, don’t click on any links in the message or enter any information. Instead, look for a number in your email’s header called the “Return-path” and call whatever company it’s linked to confirm whether they sent you an email about this issue.
5. Use a strong password
Ensure you create a strong password for your accounts, such as an alphanumeric combination of upper and lower case letters, symbols, and numbers, between 10 to 20 characters long. It’s also wise to change your password frequently. When creating passwords think of something difficult enough for others to guess but easy enough for you to remember. Password creation may be challenging since it needs to be difficult to imagine for humans but easy enough that you can recall it quickly.