Cyber Monday Security Tips

5 Tips For Safe Online Shopping

The days after Thanksgiving often function as a kind of “season opener” for holiday shopping. The retail frenzy begins on Black Friday and culminates in a day of discounts for online shoppers on Cyber Monday. With this year’s increased emphasis on online shopping, the deals are likely to get bigger and better — but so are the risks. Here are a few tips to help you stay safe from cybercrime this holiday season.

Level up your passwords

Online shopping often involves creating new accounts or resetting forgotten passwords at sites you haven’t used in a while. It’s essential to use strong passwords, change them often, and — just as importantly — don’t use the same password for more than one site. 

A strong password is one that’s very difficult to guess or crack through brute force. Generally, security experts recommend using long passwords (at least 12 characters) with a mix of lowercase and capital letters, numerals, and punctuation or other special characters. They also recommend avoiding certain easily guessed elements like four-digit years, dictionary words, names, or personal information. 

Sound like a tall order? You’re right, it’s a lot to keep track of. That’s why it’s a good idea to use a password manager to create strong passwords and store them for you. That way you only need to remember one password — just make sure it’s a good one!

Buy from secure, trusted sites

Be extra cautious when shopping with a search engine. One of the easiest mistakes to make while online shopping is to search for the lowest price and buy solely based on that. Of course it’s smart to compare prices, but an unbelievable deal is often too good to be true. 

Also avoid buying directly from social media sites, and beware of lookalike sites whose URLs (web addresses) contain misspellings of trusted retailer names or use a different domain, such as .net instead of .com. Before you buy, check to make sure the site uses SSL encryption to keep your payment information safe. Encrypted websites have URLs that start with the letters https (not just http), and they also display a padlock icon in your browser’s address bar.

Shut down pop-up ads

Many pop-ups and internet ads contain fake coupons designed to lure you to malicious sites or expose you to cyberattacks. To make matters worse, they are often designed to trick you into clicking a link while trying to close the ad. So if a coupon pops up out of nowhere with an outrageously good offer, beware. The safest way to close it is by typing Ctrl+Alt+Del on your keyboard, rather than clicking “X” on the ad itself. Better yet, you can adjust your browser settings to block unwanted pop-ups.

Don’t get hooked by phishing

Cyber Monday is a prime opportunity for hackers to send email attacks disguised as gifts or special offers. These attacks may include viruses and malware that can infect your computer and steal your personal information. They may also include phishing attempts — forged emails meant to trick you into responding or clicking a link and giving up your money or personal information. 
Be extremely cautious when viewing your email, especially if it comes from an unknown source or contains a strange message that appears to be from someone you know. If you’re not sure, contact the person directly through another channel and do not reply to the message. Avoid opening any attachments, and never click on suspicious links. 

Keep a sharp eye on your accounts

In the unfortunate event that hackers do manage to get hold of your personal financial information this holiday season, you’re more like to catch the problem early if you’re in the habit of monitoring your accounts for suspicious or unauthorized transactions. Take advantage of MCCU’s online banking and mobile app to keep tabs on your account balance and transactions. You can even sign up for text banking to have transaction alerts and account balances sent to you automatically by text.

MCCU does not provide legal, tax, cyber security, or other advice. Please consult with your own professional services provider for more information on these matters. This content is provided for general information purposes only and may not address all cyber security-related risks or best practices.