According to a new survey by staffing firm Robert Half Technology, 64 percent of employees plan on "workshopping" this holiday season. And as the holiday season kicks off, shoppers everywhere are more and more frequently opting to use their credit cards from the comfort of their offices, taking advantage of online shopping deals. Since “Black Friday” and “Cyber Monday” are upon us, here are some tips to keep you cyber-safe, especially at work.
Some potential problems to look for (from a report by DomainTools):
- Extra added letters in a domain, like samsclubb.com
- ‘rn’ disguised as 'm’ such as in potterybam.com
- 1’s disguised as l’s, as in Koh1s.com
- Added affixes such as target.com-dresses.us
Also, there are tons of fake shopping apps out there, so if you want to download a shopping app from your favorite store, best to get it directly from that store’s website to be sure it’s legitimate.
2. Only Shop if There’s a Lock
Websites that have security enabled using SSL (Secure Socket Layer) encrypt data during transmission, making it safe to use a credit card on that site. Look for that little lock in the address bar and a URL with “https” instead of “http” at the beginning.
3. Don’t Shop on Hotspots
Just avoid shopping on public Wi-Fi networks, like in airports or coffee shops. While this may seem like the perfect time to knock out that shopping list, open hotspots are extremely dangerous. Hackers have been known to intercept communications between you and the connection point so that instead of talking directly with the hotspot, you end up sending your information to the hacker. In this case, the hacker has access to all the information you send out—emails, phone numbers, credit card information... And once a hacker has that information, you’ve basically given them the keys to your front door.
Be sure to keep software up to date on any device you connect to the internet, to help reduce the risk of infection from malware.
4. Use Strong and Unique Passwords
Consider making your passwords sentences, like “CountryMusicIsTheBest!” and make them unique to every site. Don’t ever use your work email or any variation of your work password on any third-party websites and monitor for exposure!
Consider finishing out the year strong by using a password manager to assist in dealing with the ever-increasing volume of complex and unique passwords and as always, enable multi-factor authentication (MFA) if it’s available.
Managed Services Provider, like Tech Rage IT can monitor for exposure of their customers’ employee credentials on the Dark Web.