The phrase Warning, Latin for “let the buyer beware”, has long been a warning to carefully consider the quality and suitability of goods before making a purchase. In the world of e-commerce, Warning has a whole new meaning. After having meticulously researched a number of crowdsourcing sites, consumers can purchase the products they want from the comfort of their couch, but they need to be careful with their accounts in the exchange. It’s not just the credit card numbers and home addresses of buyers that are at risk. Many cybercriminals make a living by patiently collecting other sensitive personal data and selling it for use in a number of malicious activities. In this article, we’ll give you some tips on how to make yourself a “hard target” by adopting practices that give you the best possible chance of protecting your personal information while you shop this holiday season.
1. Never reuse passwords. In 2020, according to a NordPass study, the average person is juggling 100 passwords on different sites and services. Given this data, it’s easy to see why people are reusing easy-to-guess passwords – they just have too many to remember. Years ago, the risk of this unhealthy practice was limited to exposure to individual attackers. Today, he plays into the hands of sophisticated cybercriminals who carry out an attack technique called “credential stuffing”. This method of attack uses bots for automation and scaling and is based on the assumption that many users reuse usernames and passwords across multiple services.
The easiest and one of the most effective way to manage your dozens of passwords is to use a password manager. A password manager keeps all your passwords in one place and can auto-fill them for you, without you having to remember the password you created for which site. Password managers also create strong passwords for you, usually much stronger than the ones you create yourself. Some services even monitor the web and alert you if your passwords are compromised by a breach or hack so that you change your password immediately and mitigate any damage.
2. Say âyesâ to two-factor authentication. Two-Factor Authentication (2FA) is a security process that cross-checks users with two different forms of identification, most commonly knowledge of an email address and proof of ownership of a mobile phone. . Used in addition to regular username / password verification, 2FA strengthens security by making it more difficult for attackers to gain unauthorized access, even if an author goes beyond the first authentication step. Google reports that even two-step SMS verification, considered one of the weakest forms of two-factor authentication, can stop 100% of all automated attacks, 96% of mass phishing attacks, and all three. quarters of targeted attacks. 2FA is commonly used in online banking websites, social media platforms, and e-commerce sites as a way to tighten access controls to the most sensitive areas of a web application (for example, panels administration or areas that store credit details and / or personal data). Other 2FA methods include obtaining one-time passwords from an authenticator app, fingerprint readers, and retinal scans, all of which provide even stronger protection. Either way, when 2FA is offered, use it.
3. Suppose every e-mail, voicemail, or text message about your account is phishing. Phishing is a type of social engineering attack often performed to steal user data, including login credentials and credit card numbers. An attacker, posing as a trusted entity, tricks a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the system crashing in a ransomware attack, or the disclosure of sensitive information. For individuals, an attack can be devastating with results such as unauthorized purchases, money theft, identity theft, or all of the above. While our advice here may seem extreme, be aware that according to the FBI, phishing was the most common type of cybercrime in 2020. Successful phishing incidents nearly doubled in frequency year over year, from 114 702 incidents in 2019 to 241,324 incidents in 2020.
While the spam filters provided by our email service providers have gradually helped many of us stop seeing a constant stream of phishing shipments, many people have noticed an increase in SMS messages regarding a problem with account this year, even for some accounts people don’t even do it. have.
The best way to avoid a phishing attack of any kind is to never click on a link sent to you by any means and never give out your login details over the phone. If you have any questions about the account or think there might be a problem, you can: open a new browser tab, enter the URL or click on the bookmark you may have saved and log in as you normally would to check a balance. If the problem is legitimate, you may find it in your messages or your account profile.
Follow these steps to make sure that cyber theft of your personal information isn’t playing a role in your holiday shopping season. While it is true that cyber attacks are becoming more frequent and sophisticated, you have the potential to thwart them.
The Caveat Cyber ââEmptor post: 3 Ways To Protect Sensitive Personal Data This Online Shopping Season appeared first on Blog.
*** This is a syndicated Security Bloggers Network Blog blog written by Matthew Hathaway. Read the original post at: https://www.imperva.com/blog/caveat-cyber-emptor-3-ways-to-protect-sensitive-personal-data-this-online-shopping-season/