The holidays offer cybercriminals a chance to steal sensitive data and then quickly turn that stolen data into cash, either by accessing financial accounts, charging credit cards, creating new accounts or even using stolen identities to file a fraudulent tax return for a refund.
“Due to the COVID-19 pandemic, more people than ever will be online shopping this year,” stated DOR Commissioner Bob Grennes. “Everyone is strongly encouraged to take the proper precautions to ensure their personal data is safe and that they are not falling for scams. The DOR team has developed some helpful tips to protect your personal information and hard-earned dollars.”
DOR offers several tips to protect personal information while shopping online whether on your computer or mobile device:
- Avoid unprotected Wi-Fi. Unprotected public Wi-Fi hotspots may allow bad actors to view transactions. Do not make any online purchases or financial transactions over unprotected public Wi-Fi.
- Shop at familiar online retailers. Generally, sites with the “s” designation in “https” at the start of their URL are secure. Also look for the “lock” icon in the browser’s URL bar. Beware of making purchases at unfamiliar sites or clicking on links from pop-up ads. If you are shopping on a mobile device, be sure to use a verified app from a trusted source like Google Play, PayPal or Apple’s App Store.
- Learn to recognize and avoid phishing emails. Look for emails with misspellings and bad grammar, and never click on links or attachments from unknown or suspicious sources. Also, be on the lookout for COVID-related scams or those referring to Economic Impact Payments.
- Keep your devices up to date and safe. Use trusted security software to protect against malware that may steal your data and viruses that may damage your files. Set your devices to update automatically so your device always has the latest security defenses.
- Use strong and unique passwords. Be sure to use different passwords that are hard to guess for each account. Cyber security experts suggest using passwords with a minimum of 10 characters.
- Use multi-factor authentication. Set up multi-factor authentication for accounts that offer it. This added level of security requires an additional level of security like a security code or question.