Here Are 7 Ways to Exercise Caution When Buying Online This Holiday Season
Revised and updated for 2021.
Analysis from McKinsey indicates that fourth-quarter consumer spending in 2021 is likely to rise 7 percent over 2020 and 9 percent compared with 2019, with consumers bouncing between apps, websites, and in-person shopping for inspiration, ordering, and fulfillment. The increase and importance of an omnichannel approach is more critical for retails to meet the evolving desires of shoppers. Key findings from Mastercard SpendingPulse underscore the shift to online spending, with e-commerce accounting for 19.7% of overall retail sales – up from approximately 13.4% in 2019 as many would prefer to shop online in the safe comfort of their home, rather than risk infection in a crowded shopping mall.
The surge in online shopping, included normal household items, will now be augmented with the inclusion of holiday gift shopping. This increased shopping activity is a prime opportunity for cybercriminals, who are on the prowl to ruin your festive mood, unless you exercise extreme caution.
Here are seven of the most effective online safety practices to make your holiday shopping experience smooth and risk-free.
1. Update your devices’ security
Software updates exist for reasons beyond improving your device’s speed and performance. The updates also offer security patches to protect your device from hacking, data theft, or other online vulnerabilities.
Updating your desktop devices is equally critical since that’s where we stow a ton of our personal data like our banking and financial information.
Proactively update your device’s software to prevent falling prey to malware or ransomware attacks.
2. Undo automatic logins
It’s very convenient to have automatic sign-in enabled on your web and mobile browser. But productivity should never come at the cost of security.
Every time you enable auto-login, you help hackers save time and energy to breach into your system.
For instance, enabling automatic login in your browser increases the likelihood of Windows registry hack. When you enable the default passwords, you enable Windows to save your DefaultUserName, DefaultPassword, and DefaultDomain in the registry.
You’re essentially handing over your system password on a platter for unauthorized users to access it in plaintext.
My advice: disable the auto-login and autofill features in browsers such as Chrome and Internet Explorer.
Instead, use a trusted password manager app like LastPass or OneLogin that does a much better job than Google or Windows to secure your online credentials like online banking user ID, credit card number, etc.
3. Treat public Wi-Fis like public restrooms
What’s better than understanding the dangers of public spaces in the time of social distancing?
That’s right. Public Wi-Fi—especially the ones that are free—is where the virus infections are most likely to spread.
Avoid public Wi-Fis like plague—especially to carry out financial transactions or to access your confidential information online.
If you must use public Wi-Fi networks, always use a reliable VPN (virtual private network) app to mask your IP address, encrypt your internet connection, and establish a secure browsing environment.
4. Set limits on credit card spending
Many people I talk to on a daily basis don’t realize this, but there’s a way for you to set a daily limit on your credit card spending. You just need to talk to your bank to enable this function.
Security-wise, this is a great way to figure out if your credit card number is stolen or being misused. For example, towing a line on your daily spending will alert you of any abnormal payment activity on your credit card.
The benefit of this technique transcends beyond security. Personally, I think that putting a cut-off on your credit card spending also helps you become more mindful about your spending and discourage you from splurging unnecessarily.
5. Do due diligence on your bank statements
Here’s another way for you to identify if someone is misusing your credit card information—reconcile your bank and credit card statements.
This will help you map each of the spending data on your credit card statement with the respective transactions down to the tee.
It’s much easier to audit your credit card statements and single out transactions that don’t match your buying history when you reconcile the two.
6. Watch out for phishing attacks
While the good old foreign prince scam is still doing rounds on the internet, hackers these days have devised much more sophisticated tactics to siphon off money from unsuspecting people like you and me.
For instance, hackers nowadays send malicious links impersonated as your PayPal verification email or Netflix payment update reminder. Here’s an example of the latter:
This is a much subtler and smoother tactic that can go undetected even for a trained pair of eyes.
As more shopping is happening on phones this is increasingly becoming a hotspot for criminals. This method leverages malicious text messages to trick users into clicking on a malicious link or handing over personal information.
With shopping seasons like Black Friday and Cyber Monday around the corner, you are most likely to get dozens of such emails and text messages that usually have a sense of time-based urgency for you to claim a reward, enter a contest, or take some kind of immediate action. Don’t fall for that trap.
As a rule of thumb, always verify the sender’s email address before clicking on any kind of link. Also, flag such emails as “junk” or “phishing emails” to avoid the likelihood of these emails appearing in your inbox again.
7. Develop your presence of mind
Make sure you double-check a website’s authenticity when providing personal and credit card information. Always check for the “https://” prefix in a URL (and the padlock symbol at the beginning) to verify a website’s authenticity and to ensure it has the necessary SSL certificate.
Abort your shopping immediately if the website is missing the https:// prefix or if you suspect anything fishy about the site.
You should always enable multi-factor authentication whenever it is available. Using multi-factor protects you by using separate pieces of information to prove who you are.
Cyberattacks can come from anywhere—even from your latest smart TV or an IoT device that you are about to gift yourself on Christmas.
And while there are technologies that can help you offset the risk of hacking to an extent, there is no silver bullet that will safeguard you 100%.
When it comes to erecting a security chain around your valuable data, you are your weakest link. Criminals trick our psychological blindspots and cognitive flaws to prey on us.
Therefore, nothing beats exercising caution and developing a sense of digital diligence to prevent criminals from stealing your data.
Wishing you happy holidays and safe and secure shopping!