There is one thing cybercriminals count on when seeking ways to steal personal data when you’re shopping online: that people are too trusting.
As we approach Cyber Monday, the online version of Black Friday, institute a healthy dose of skepticism. Be suspicious of all e-mail, including those that appear to be from a person or company you know. And beware of pop-up ads claiming you can get an incredible deal.
There’s a lot of money to be had on Cyber Monday. Online sales reached $1.2 billion last year, comScore says. Crooks get into the action by obtaining information that can be used to steal credit card numbers or open accounts in a victim’s name.
And since so many of you are going to do some of your shopping at work, exercise extreme caution so you don’t compromise the computer systems at your job.
You might ask: Don’t people know this already? Haven’t they been warned not to open e-mails that ask for personal information? Don’t they know not to click on links offering deals that sound too good to be true?
Yes, many know the drill. But it’s one thing to know how to protect yourself. It’s quite another to use this knowledge to effectively protect yourself, especially when a great deal is dangled online. Some tips from the Better Business Bureau:
■ Keep in mind this is prime phishing season. Identity thieves are skilled at sending e-mails that look authentic. Often the goal is to install malicious software on your computer or steal personal data off of your computer. The messages may claim there is a problem with your holiday order or your account in an effort to lure you into revealing passwords or personal information. Don’t click on links or open attachments. If you receive this type of e-mail, call the contact number on the website where you made your purchase to confirm there really is a problem.
■ Be careful about clicking on links that are displayed as part of your top results from an online search. Hackers know how to snare victims through a technique called search engine optimization poisoning. They know people might be searching for “holiday sales” or “Black Friday deals.” Using such keywords, they then drive you to websites set up to capture your personal information or to sell you inferior or fake products. Or you might not get anything at all. If I see a deal in a search purportedly from a well-known retailer, I go to that retailer’s website directly, by typing in the address. If you are unsure about a link without clicking on it, hover over it with your cursor to see what comes up. The string of cryptic numbers won’t match a company’s real Web address.
■ Double-check that a website is secure. Enter personal data such as credit card numbers only on encrypted websites. Look in the address box for the “s” in “https://” and in the lower right corner for the “lock” symbol.
Promise that you will print out these tips and tape them to your computers,at home and at work. Before you shop online, review the warnings so that you can stay out of the path of cybercriminals.
Michelle Singletary writes
for The Washington Post.