Protect yourself online this holiday season.
The Burlington based cyber security company ManyMe.com has some tips to help you do just that.
“Online shopping goes into overdrive during the holidays, and cyber criminals do, too,” company owner David Hughes said. “Using techniques known as ‘social engineering,’ fraudsters impersonate legitimate senders, hoping to dupe consumers who are often distracted by the frenetic pace of the season. A better name might be ‘gullibility engineering’ — fall for that special offer on the plush fleece vest, and you could be the one who gets fleeced.
Given the heightened online risk, every email and text message deserves extra scrutiny. Here are a few suggestions to help you avoid hacker tricks:
1. Don’t click on attachments that you aren’t expecting. Attachments can contain malicious code known as “malware,” which can take over your device, encrypt your files, and absolutely ruin your day.
2. Think before you click! Always hover over any link and carefully inspect the web address that appears in the lower left-hand part of your screen. A common trick is to use a fake web address that with a quick look appears to be legitimate, for example, https://amozon.com instead of https://amazon.com.
3. If an offer seems too good to be true, it probably isn’t! Curb your temptation, but if you must check out the offer, determine its authenticity by closing the message and browsing to the vendor’s website to see if the offer is genuine.
4. Take note of any misspellings or grammatical errors. Emails from legitimate sources have been carefully edited, so errors often expose a fake. Unfortunately, the best crooks don’t make such errors, so perfect grammar doesn’t provide perfect confidence.
5. Be suspicious of anything presented as urgent. Hackers like to create a sense of urgency to induce people to set aside their normal cautions; the more urgent a plea, the more cautious to be.
6. Customer support alerts, warnings from the IRS, credit alarms, COVID notices, claims that a relative is in jail and needs money for bail, and similar things are typical hacker ploys. If a message exploits a current news headline, be especially careful; if you think it might be legit, close the message and use your browser to visit the entity’s authentic website.
7. Treat any email that appears to be from your bank or other financial institution as suspect, particularly if it is directing you to take action, like clicking on a link or calling a number. As recommended previously, close the message and go to the entity’s real website to conduct any business, or call the number on the back of your credit card.
8. As you’ve likely heard over and over again, use strong passwords, never reuse a password, change default passwords, and use a password manager to remember them.
9. When you’re ordering things on line and registering on new sites, never reveal your personal email address – always use a substitute email identity, called an alias, for greater privacy, stronger security and stricter control over what gets into your email inbox.
10. Users with a more technical bent should view a suspicious message’s detailed delivery information. You can do this in Gmail by clicking on the three vertical dots at the top of the message and selecting “Show original” or “view source” – pay particular attention to the “From” and “Authentication results” lines, and if you see anything that seems inappropriate, click delete! Other email systems have similar options.
“Hopefully these tips will help you avoid the Grinch who wants to turn your holiday spirit into personal gain,” Hughes said. “As you can tell, the watchwords are ‘healthy skepticism’ and ‘careful inspection.’ Always ask, ‘Might this sender be trying to take advantage of me?’ Stay safe!”