How to beat the hackers & scammers
You’ll need to keep your wits about you while shopping online this Christmas. But, with a few common-sense tactics and the right technology in place, you can dramatically reduce the chances of being scammed.
AVOIDING SCAMS 1 Beware of phishing:
Phishing scams are a popular tactic among cybercriminals during the Christmas shopping period. They can come in the form of an email, text message or even an email calendar invitation. As they prompt you to click a dodgy link or download an attachment, it’s important to keep an eye out for red flags – such as an offer or prize that’s too good to be true.
2 Bogus verification:
Legitimate organisations will never send you an email or link asking you to enter your password or account details. Log into the genuine site or app to do this.
3 Never transfer money to strangers:
Don’t ever give in to requests from strangers to send money to them, such as “ransomeware” demands. This particularly applies to overseas accounts or requests for payment in cryptocurrency or vouchers. Use only trusted money-transfer platforms to make payments.
4 Alternative payment channels:
Refuse all requests to move outside of online trading or booking websites, such as Trade Me or Airbnb, to pay for products or services.
5 Monitor your accounts:
Read your bank statements regularly to check for anomalies. Scammers with your bank or credit-card details might make a small purchase first to test your bank’s defences. Call the bank immediately if you see unauthorised transactions.
SHOP ONLINE SAFELY 1 If it looks too good to be true, it probably is:
Cybercriminals are experts at creating fake sites that look identical to your favourite online shops. Check that the web address (URL) exactly matches the store you intend to shop at. Make sure that you’re certain before clicking, to avoid getting scammed. If you are not sure, plug the “store name” + “scam” into Google. The search results might indicate if the website has already been reported as a scam site.
2 Beware of fake links:
Be wary of clicking links in emails that appear to come from your favourite online brands – they could be fake. To be extra safe, type the company’s URL into your web browser.
3 Protect your bank details:
Always look for the padlock symbol in the address bar, as this shows that the website is more secure. Be careful when letting a website “remember” your credit-card details; consider retyping them if you don’t shop there regularly.
4 Separate your online shopping from your regular email and credit cards:
Provide as little information as possible to set up an email account and don’t use it for anything else. Use a credit card with a lower spending limit or a pre-paid card to protect your other accounts.
5 Review your financial statements:
Keep a close eye on your transactions, particularly when purchasing products online. If you notice anything suspicious or a purchase that you do not recognise, contact your bank immediately. Also, use only trustworthy online-payment services and be wary of deals you find online that ask you to pay by direct transfer, cryptocurrency or gift cards only, rather than a standard debit or credit card.
SAFEGUARD YOUR IDENTITY 1 Be smart with your passwords:
Protect your accounts with strong, unique passwords that use upperand lower-case letters, symbols and numbers. Use different passwords for different accounts. If you have trouble remembering your passwords, try a password manager; it’s like an online safe that securely stores all your passwords, and you need only one really strong master password to get in. (See the sidebar on page 18.)
2 Turn on two-factor authentication:
This adds an extra layer of security and is available for a wide range of apps and email systems. It’s a simple extra step after you log in, like entering a code from an app. You can enable 2FA on most of your online accounts, and on your devices. You’ll usually find the option to turn it on in the privacy settings.
3 Keep a low profile:
Lock down the privacy settings on your social media accounts and be careful what information you post about yourself online. Even innocuous details such as date of birth, place of residence and photos of you can be used by scammers to attempt to steal your identity. The less they have to go on, the harder it is to hijack you.
4 Hold your info close:
Check that requests for personal information are legitimate before you give any details. If a company or business asks you for information, think about why they might need it. If you’re not sure it’s necessary, don’t provide it.
5 Lock your phone:
Most smartphones have password, pattern, facial or fingerprint security features. Employ at least one of them to make sure no one can get into your phone if you leave it unattended.
LOCK DOWN YOUR NETWORK & DEVICES 1 Keep your systems up to date:
Make sure your PC, Mac, iPhone or Android are up to date and security and OS updates and patches are installed as they are released. Most patches contain fixes for vulnerabilities – don’t miss out. Set updates to happen automatically whenever a new version is available, then you don’t have to think about it.
2 Update your web browser:
Make sure your Firefox, Chrome, Internet Explorer, Edge or Opera browser is the latest version available. Often, the browser will block dangerous links so you can’t reach them.
3 Use reputable internet security software:
Buy software direct from a reputable vendor – you can typically purchase a software subscription online and download the software. Each device needs protection, so look for a package that covers multiple devices across PC, iOS, Mac and Android.
4 Avoid free public Wi-Fi, or secure it:
Public Wi-Fi hotspots aren’t always secure – hackers could intercept your connection and steal personal and financial information while you are connected at a cafe, shopping mall or hotel. You can protect your connection with virtual private network (VPN) software or, if you have a decent mobile data plan, connect over the mobile network instead, which has more reliable security.
5 Invest in a good router:
Modern routers come with built-in firewall protection to detect and defend against efforts to hack your home network and install malware. Often, the router will have an app you can use to update security patches and check the health of your network.
The Listener consulted cybersecurity organisations NortonLifeLock, Trend Micro, Microsoft, Netsafe and CERT NZ in assembling this list of cyber-safety tips.