December 14, 2016 // By Michael Lester
It’s the Hap-Happiest time…of the year!
Unless you get robbed, have your identity stolen, or get hacked.
The Holiday season is a prime time for thieves, hackers, exploiters, and other nefarious individuals. Most people are “in the holiday spirit” and aren’t thinking about security. Bad actors know this and take advantage of it.
What should you do to make sure you aren’t a victim this holiday season?
1: Be vigilant. Watch what is going on around you and pay attention to what is happening and who’s around you. Clerks are harried as throngs of shoppers try to push towards the check-out. Do a quick examination of card swiping machines by tugging on the top; a card skimmer today can sit right on top of a legitimate one. Watch what happens to your credit card after it leaves your hands. A common move to watch for is a quick swipe type motion along the waist of a clerk, especially if its on the opposite hip. Card skimmers can attach to belts and waistlines and all it takes is one fast swipe to get all the data off your card. Watch how fast a crook can place a card skimmer on a credit card terminal: https://youtu.be/y83ZgzuFBSE, or this one on how fast a waitress can skim your card. https://youtu.be/GyhUvACnXkQ Also, watch your purchase. Yes, they are heavy and cumbersome. Don’t put them down.
2: Be suspicious of deals that are too good to be true. Sure there are holiday specials, and some are really good deals. Others, especially online, are just an excuse to get you to click on that link. If you go to a site by typing in the URL, you are probably safe. If a link comes to you in your email, be very, very wary. Personally, I never click on links that are from a company or person I don’t personally know. If I get a notice from Omaha Steak that says they have a special, I delete the email and go to Omahasteak.com on my browser.
3: Think about physical security. Be careful about leaving anything in your car or outside of your immediate control. I know someone who had their laptop stolen from their car overnight. Someone smashed the rear window and took the laptop. You might ask: Why did someone leave their laptop in full view on the backseat of their car overnight? Simple considerations about physical security can prevent such events.
4: Your mobile is the most likely avenue of attack! Turn off auto connection to WIFI! If you connect to a WIFI that you don’t know or trust, the owners of the WIFI can monitor everything on your phone, and that includes all emails, passwords, account numbers, etc. Personally, I run antivirus/antimalware software on my phone. There are also VPN apps that you can run to add additional level of protection of your device’s data when you are connected to those free WiFi hotspots or on networks that are not your own.
5: Download apps ONLY from official stores (Google Play, App Store, etc.) A recent study found that (are you ready for this statistic?) 100%...100%!...of applications that were downloaded for Android from a site other than Google Play were infected with additional code. 56% of applications downloaded for iphone had been hacked. You can read the report here: https://www.helpnetsecurity.com/2013/12/13/top-100-android-apps-hacked-in-2013/
6. Stop sites from tracking you! Most people know that somehow their browsing habits are being tracked. For those that are really concerned with this, using a private VPN is a good start. Of course, they aren’t free and there are some sites that will not let you connect if they detect that you are keeping yourself anonymous. Then again, that might be a good reason not to connect to those sites! Another option is a browser based extension that blocks most tracking software. One of the best (and free!) is developed by the Electronic Frontier Foundation (called “Badger”) that works with Chrome, Firefox, and Opera. You can find it at EFF.org or in the Google Play store.
7: Don’t discount weird things happening on your phone or computer: Is your mouse moving in a jerky fashion? Is your computer running really slowly all of sudden? Is your screen flashing a few times when accessing certain sites? I’m not saying that you are absolutely compromised, but if it were me, I’d be reaching for two or three scanners to evaluate my system. Three good tools that are free are: Malwarebytes Free version - https://www.malwarebytes.com/; SpyBot Search and Destroy - https://www.safer-networking.org/dl/; and CCleaner for Windows tuning - https://www.piriform.com/ccleaner/download
Hoping you all have a very happy, and cyber-safe, holiday season!