Holiday shoppers in India have started celebrating New Year and going gaga for exciting budget-rich online holiday shopping. There are cybercriminals who is also following the footsteps of shoppers’ online payment activity.
Security expert, Rajesh Maurya, Regional Director, India & SAARC, Fortinet asserts, “Online shopping promotions and deals have captured the attention of many people. Given the rise in identity theft, malware, phishing and scam sites, online shoppers need to be more careful than ever especially during festive seasons. Online holiday shoppers will become the perfect targets for cyber criminals if they get too carefree about their online safety.”
The top 3 security tips that Indian consumers should remember when shopping online:
- Practise safe online shopping
- Use credit, not debit. Use your credit card and not your debit card when making online purchases to take advantage of its built-in consumer fraud protection. If you use services such as PayPal, ApplePay, or Google Wallet, make sure you are using payment options linked to a credit card.
- Use a secure, trusted VPN provider – If you are using the public WiFi connection you may want to think twice before making an online financial transaction. Remember that you should always use a secure, trusted and encrypted VPN provider on any open WiFi network. Look at the URL bar of your browser and make sure that the address starts with https:// rather than http://, which means that the transactions are protected using SSL encryption.
- Track your bank and credit card statements – Look at your bank and credit card statements online during heavy shopping periods. The quicker you spot unauthorized transactions the faster you can get the resolves and limit your exposure.
- Avoid fake shopping websites – There are many fake shopping sites that pop up during the holidays, often offering great bargains and hard to find items to lure shoppers. One of the ways to avoid fake shopping websites is by searching for online reviews and ratings of the site.
- Think twice before buying connected devices
Many of the items being purchased this holiday season are tech devices that can connect to the Internet. Unfortunately, very few of these devices were designed with security in mind. These devices can often be used to collect personal information, or they can be hijacked and used as weapons. Vulnerable connected devices include:
- Smart entertainment systems – game consoles, TVs, DVRs, DVD players, and online gaming
- Smart accessories – watches, phones, tablets, laptops, weather clocks, radios
- Smart toys – dolls and toys with corresponding online lives and data, remote controlled vehicles – including those that can be driven or flown using your smartphone, interactive toys that can be updated online
- Smart appliances – everything from toothbrushes to washing machines
- Smart cars – entertainment systems, communications, on-board computers and diagnostic systems, and automated payment systems for parking or fuel
Hacking these devices themselves is not really the problem. No one is interested in hacking into your smartwatch to figure out your exercise routines, or your weight loss plan. But they are using reconnaissance hacks to discover your passwords for the WiFi network at work, or your account information for automatic online purchases, to steal or spoof your identity, or even to figure out when you are away from home.
- Beware of emerging threats
Fortinet is starting to see a wave of new threats that are likely to begin targeting consumers.
- Ransomware– This year we saw the rise of targeted attacks that take over or encrypt computers or networks and demand the payment of ransom for them to be released. We anticipate that this sort of ransom-based attack will be expanded to include connected home devices, such as alarm systems, refrigerators, cars, utility meters, etc.
- Stolen online accounts – We have seen many stolen or spoofed online accounts that either already belong to someone else, or were opened using stolen credentials. Regularly check your accounts and track your bank and credit card statements for unauthorized purchases.
“While the payment card industry has established standards to protect consumers, there is no way to evaluate the security deployed by an online merchant. We need to take the time to educate ourselves, our friends and family about how to shop online more carefully and safely,” said Rajesh Maurya.