Staying Safe Online This Holiday Season – Cyber Do’s and Don’ts
By Shana Brouder, MyCG Writer
Nov. 24, 2020 —
By Shana Brouder, MyCG Writer
While Thanksgiving may be late this year, the holiday shopping season will still open on Nov. 27, otherwise known as Black Friday. With COVID-19 restrictions still in place, many are opting to shop from the comfort of their couches. The following list, gathered from the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA), highlights some basic cyber hygiene practices that will help you stay safe online while you shop till you drop.
- Do use a credit card when online shopping. When possible, it is best to use a credit card rather than a debit card when online shopping. There are laws to limit your personal liability for fraudulent credit card charges that may not apply to debit cards. Because credit cards do not directly draw funds from a bank account, if fraudulent charges were to occur, it would not affect your bank account, which can leave you unable to pay other bills.
- Don’t respond to every email requesting personal information. Scammers often use phishing emails to gain access to your personal identifiable information (PII), such as credit card information. Legitimate businesses will never ask for this type of information via email. Always practice caution when providing sensitive information via email. If you are ever unsure if you should click on a link, you can always type it into the address bar located at the top of your browser rather thank clicking on the link directly on the email. This can prevent you from unintentionally downloading malware (malicious code) to your computer.
- Do ensure the websites you are shopping on are secure. A simple way to double check you are browsing on a secure website is by either 1) checking that you see the padlock icon, which can be located to the left of the address bar or on the bottom of your browser; 2) double checking that the uniform resource locator (URL) starts with “https:” rather than “http:” as the “s” shows us that the website is utilizing encryption, a process that keeps your information safe.
- Don’t be lazy with your passwords. Remembering lots of passwords is a pain, but it is a crucial step to maintaining safety online. Do not use the word “password” or a combination like “password123” as those are easily hackable. Using personal information that is easily accessible, such as birthdate, wedding anniversary, or children’s names, are also easily hackable. Try using a phrase that you can shorten into a password that is between 6-24 characters and mixes in capital letters, lowercase letters, numbers, and special characters (e.g. ‘The Coast Guard is my greatest job since 1981’ becomes: TheCGisGr8testJ0b198!).
- Do use different passwords for different sites. Once you have come up with a great password, it is tempting to reuse it again and again. Don’t! This means that once attackers have access to one password, they can access all your accounts. If you feel you won’t be able to remember all your passwords, consider using a password manager program to keep track of your passwords.
- Don’t publish all of your personal information online. We all love using social media, but it is important to limit the amount of personal information you publish online. Providing details about your job, your family and friends, or your past may give attackers enough information to perform a successful phishing scam or properly guess your passwords. Additionally, thieves can use information regarding your routines or holiday travel to break into your home, as they will know it is empty. The internet is forever—once you publish information online you cannot take it back. It is important to let common sense guide your online publishing practices.
While not an extensive list, implementing some or all these cyber hygiene safety practices will help you stay secure online this holiday season. For more information from CSIA, please see the resources below. You can also see alerts regarding specifics scams and cyber threats through CISA’s national cyber awareness system or sign up to receive these alerts to your inbox directly.