Season’s fleecings: CISA warns on holiday shopping scams

With the COVID-19 pandemic forcing stores to rethink their sales tactics, it is no surprise that the 2020 holiday season will be incredibly different. The commercial enterprises used to in-person shoppers are now having to rely on the Internet for primary orders, and then either curbside pickup or delivery to fulfill those orders. Cybercriminals are aware of any spike in Internet activity, and as has been the case throughout the COVID-19 pandemic, they are taking advantage of less adept Internet denizens. With this in mind, the Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) has released a primer on holiday shopping scams. Of the many resources that they give, the most useful is arguably their Holiday Shopping Guide. In this guide, CISA gives the following advice to ensure shopping for loved ones doesn’t result in identity theft or other potential hazards:

• Check devices and ensure that they are operating on the most current version of their respective operating system.
• Enable multi-factor authentication for any shopping website to add an extra layer of protection against unauthorized account access.
• Double-check that you are on a reputable vendor’s website, and most importantly, that the domain name isn’t spoofed.
• Never use public WiFi to purchase anything as the connection is unencrypted, and a packet sniffer can collect all data you send to a server.
• Don’t download attachments in emails (such as coupon offers) purportedly from a legitimate source unless you can confirm you are on a store’s email list. Also, confirm the source of the email.
• Use a credit card instead of a debit card. CISA states, “There are laws to limit your liability for fraudulent credit card charges, but you may not have the same level of protection for your debit cards.”

Much of this is common knowledge, but even the most security-savvy person could use a refresher with COVID-19 wreaking havoc globally. It would be prudent for everyone to read the CISA guide in totality as this holiday season — and holiday shopping scams — will be like no other.

Featured image: Flickr / Nicholas Jones