For the first time ever, a majority of Americans plan do most of their holiday shopping online. But that doesn’t mean they’ve abandoned their worries about cyber shopping.
A recent F-Secure survey found that most shoppers in the U.S. have serious concerns about the potential risks that come from checking out online.*
Almost two out of three US internet users (65%) say they worry about the loss of personally identifiable information through a data breach. Nearly the same percentage (62%) say they worry about someone taking over their accounts to steal money. And these worries make sense considering that 62% said that their families have been personally impacted by cyber-crime.
Overwhelmed but under-secured
Terrible cyber security practices remain far too common, despite these rampant security concerns. Just about every time a data breach reveals the passwords consumers use most often, the results are beyond disturbing.
Take a look at this: the world’s five most popular passwords compiled this year based on data breaches collected by Troy Hunt’s Have I Been Pwned website:
123456
123456789
qwerty
password
111111
Common passwords are among the first any hacker will use to try to take over an account. And a “brute force” attack can employ hundreds if not thousands of common passwords to break into these accounts easily.
Secure all your devices and accounts
Everyone knows you should always run security software on you devices.
But what else can you do to eliminate the worries that are lingering over this holiday shopping season?
Here are five things to remember:
Forget your passwords
If you can remember your passwords, they’re probably not strong enough to protect your accounts. So what do you do with more than a dozen passwords you cannot remember? The solution to this problem is a reliable password manager. You can use our F-Secure KEY — which is part of F-Secure TOTAL — for free on any one device.
Secure all your accounts with two-factor authentication
The best password in the world can still be compromised if it is not properly secured by the site you’ve trusted it with. That’s why you should use two-factor authentication to secure your accounts where ever it is available. But keep in mind that it is possible to bypass multi-factor authentication by accessing emails and mobile phone messages. So for extra security, use an app like Google Authenticator as your second factor.
If you’re going to shop on your phone, use a retailer’s app
On your phone, you may be even more vulnerable to some basic scams. Since URLs are harder to view, you could be tricked by the explosion of newer top-level domains, such as .xyx, and think you’re on an official site when it’s really a fake. Likewise, you can’t easily hover on a link to check where it’s going. You could be sent to a phishing site that collects your credentials. To avoid these worries when shopping on your mobile device, stick to shopping through a retailers’ apps that you download from your device’s official app store.
Use one browser for all of your shopping and financial transactions
Devote one browser to anything that involves shopping, banking or checking your financial accounts. Don’t use it for anything else—especially social media. This tactic has numerous benefits, including reducing security threats along with online tracking and targeting based on your purchase history.
Take a vacation from clicking on links in email
Phishing relies on simple tricks that work repeatedly. One of the most popular tricks during the holiday season takes advantage of the fact that many shoppers anticipate items to be shipped to their homes. “Failed delivery spam” plays on the fear of missing purchases or gifts that should be arriving at your home to induce users to click on links that can lead to spam or malware. Falling for these scams is easy when you’re busy trying to finish your list of holiday errands. That’s why you should convince yourself not to click on any links on any emails until next year. Go directly to the shipper or retailer’s site instead.
Cyber shopping is now the norm. Now we need to make sure cyber security becomes just as popular as skipping lines and shopping in your pajamas.