Season’s fleecings: CISA warns on holiday shopping scams

With the COVID-19 pandemic forcing stores to rethink their sales tactics, it is no surprise that the 2020 holiday season will be incredibly different. The commercial enterprises used to in-person shoppers are now having to rely on the Internet for primary orders, and then either curbside pickup or delivery to fulfill those orders. Cybercriminals are aware of any spike in Internet activity, and as has been the case throughout the COVID-19 pandemic, they are taking advantage of less adept Internet denizens. With this in mind, the Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) has released a primer on holiday shopping scams. Of the many resources that they give, the most useful is arguably their Holiday Shopping Guide. In this guide, CISA gives the following advice to ensure shopping for loved ones doesn’t result in identity theft or other potential hazards:

  • Check devices and ensure that they are operating on the most current version of their respective operating system.
  • Enable multi-factor authentication for any shopping website to add an extra layer of protection against unauthorized account access.
  • Double-check that you are on a reputable vendor’s website, and most importantly, that the domain name isn’t spoofed.
  • Never use public WiFi to purchase anything as the connection is unencrypted, and a packet sniffer can collect all data you send to a server.
  • Don’t download attachments in emails (such as coupon offers) purportedly from a legitimate source unless you can confirm you are on a store’s email list. Also, confirm the source of the email.
  • Use a credit card instead of a debit card. CISA states, “There are laws to limit your liability for fraudulent credit card charges, but you may not have the same level of protection for your debit cards.”

Much of this is common knowledge, but even the most security-savvy person could use a refresher with COVID-19 wreaking havoc globally. It would be prudent for everyone to read the CISA guide in totality as this holiday season — and holiday shopping scams — will be like no other.

Featured image: Flickr / Nicholas Jones

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Published by
Derek Kortepeter

Recent Posts

SonicWall warns users about zero-day vulnerabilities

SonicWall is warning of a coordinated zero-day attack on some of its remote access products.…

18 hours ago

Why Salesforce DevOps teams need version control

Version control is an essential part of software development. This is true especially for Salesforce…

23 hours ago

Irritating advances in technology and why we love to hate them

Technology makes lives much easier. Until it doesn’t. Here’s a look at some advances in…

4 days ago

Broken hearts: Interpol warns of investment fraud on dating apps

Forget catfishing: Investment fraud is the new scam in town for dating apps and their…

4 days ago

Microsoft Yammer content monitoring using keywords and match patterns

For many IT admins, one of their duties is to make sure no problematic content…

5 days ago

Software bug causes deletion of thousands of UK arrest records

Thousands of arrests records in the UK have been accidentally deleted from the British Police…

5 days ago