The Christmas holidays are a critical time from the point of view of IT security. Particularly useful to attackers is the fact that people spend much more than usual in the run-up to Christmas and often do so in a hurry and are less cautious about their transactions. However, the experts at AEC, a leading cyber security provider, point out that following a few basic rules can significantly reduce the risk of an attack.
Attackers count on the fact that now is precisely that time when many of us are willing to spend a lot of the money we have been saving all year. Our bank cards, mobile phones or computers are the ideal means to achieve their goal. Countering the sophisticated tricks of hardened cybercriminals is becoming increasingly difficult, yet there are ways to avoid losing your money when shopping online.
There are many situations in which hackers can catch us. This might be when choosing an e-shop, it can happen during the ordering process, during payment or just at the moment when we are expecting delivery of our goods. The experts at AEC therefore recommend that you only buy things from verified shops. Before actually ordering the goods, you can check the credibility of the e-shop on portals such as Heureka or directly on the website of the Czech Trade Inspection, which is updated on a daily basis.
Another problem is ordering goods. The general advice is to enter the name of the given shop into a search engine and read a few reviews before buying anything from it. “Whether you are ordering goods using a computer or a mobile phone, always make sure that you keep your device updated and protected by high-quality antivirus software,” warns Maroš Barabas, Head of Product Management at AEC.
You should choose unique passwords whenever you register anywhere – on social media, in e-shops or with delivery services. At the same time, you must use multi-factor authentication for all of the accounts where protection of access is important to you. Here, it is advisable to use the resources and capabilities offered by the given device (for example, password management is free of charge in iOS and Android) as these can significantly complicate a hacker attack.
Sample of a fraudulent offer
The moment you come to pay also represents a big risk. “If you receive a message about any problem with a transaction, purchase or parcel and it asks you to click on a link, don’t do it,” warns Maroš Barabas, adding another important piece of advice: “No employee of any bank, post office or e-shop should ever ask you for your card number, username or password. If they do, hang up because the caller is not who they say they are.”
The period when you are waiting for delivery of your goods can also be a problematic moment in online shopping. The possibility of tracking the ordered goods represents a huge temptation to mindlessly click on a link or prompt, which may subsequently turn out to be a scam. Nowadays, attackers do not only hide behind global brands such as DHL or FedEx, but also behind high-quality fake versions of Zásilkovna or Česká pošta. So, make sure that you think carefully and calmly about every click, and if we want to be certain, check the request directly with the shop or delivery service.
Sample phishing message impersonating a shipping company