Sunday, December 19, 2010

Cyber Security Tips for Online Shoppers

Safety Tips for Cyber Shopping

Now that the holiday shopping season is in full throttle, cyber shoppers are heading to online malls in search for a great bargain. Online bargain hunters need to take precaution to ensure that they are not victim of identity theft or other cyber attacks. I contributed to a story ("Cyber Security: Pay Close Attention When Shopping Online This Holiday Season") back in 2007.

Below are some precautionary measures that you can take, not just during the holiday shopping season, but in any online ecommerce transaction:

Make sure that the computer from which you are doing your shopping is adequately protected. This can be accomplished by ensuring that the system is kept up to date with operating system’s patches, hot-fixes, and relevant patches. Patches should also be applied to user applications such as document editors, Microsoft Office, Adobe Readers, Internet browsers, and so forth. If there are multiple users sharing the same computer, make sure that an account is created for each user. By patching, I do not mean simply focusing on Windows system but Mac OS and Linux operating systems as well. Part of securing your computer involves using anti-virus software, updating the virus signatures, and scanning your computer frequently for virus and malicious software. Protection also includes enabling a firewall and intrusion detection system to alert you if your system is attempted to be compromised.

Make sure your Internet browser is protected. The Internet browser as well as email applications are the main attack vectors used in most sophisticated attacks. To this end, the cyber shopper needs to ensure that the respective software are heavily guarded. Update your browsers and apply patches to them proactively. Ensure that the browser cache and temporary Internet files are erased (“emptied”) and the browser is closed when finished. Is the computer you are using a shared one (family members, library, hotel lobby, etc)? Securing your computer ensures that attackers and cyber crook can’t easily steal your data.

Make sure that network from which you are connecting is protected. If you are one of those that thinks you can tap into your neighbor’s wireless network for your Internet access, think twice. Make sure you have a good assurance that the network that you are using to transmit your data will not compromise your data.

Know the merchant from whom you are purchasing. While a well-known brand may not necessarily have a more secure website or backend servers than an unknown brand, a well-established and known company may be more willing to work with you than an unknown store, which may well be a fly-by-night operation.

Consider opening and using an account with Ecommerce payment services, such as Paypal, Google Checkout, as Google Checkout, or Wirecard.  Through this type of service, you store your credit card, banking information, and shipping address information with one of these service providers. You can then pay any online shop that “accepts” these payment methods for the exchange of goods or services. This mechanism ensures that your payment data is not provided to all online shops from which you purchase merchandize or service.

Protect Your Privacy: Ensure that your personal and confidential information is not published online in emails, social media and forums. Combined with other data, cyber crime may be able to steal a persons’ identity when they are not stored or transmitted securely. Avoid providing your confidential information (social security number, PIN, password, etc) to anyone claiming to be from the “Technical Support” department. Resist sending these information in emails or texting them! Beware of phishing emails, which may contain malicious Internet links or attachments, which may only get you to visit hostile sites that may compromise your data.

Other tips to consider include:

Educate yourself on cyber security and online safety.

Change your password with each cyber store often -- at least once in six months. Do this on your computer and other online accounts that you may have as well.

Ensure your personal and confidential information is not stored on your computer, or if it is stored, make sure it is encrypted.

Trust No One, except your unborn child! People you trust may deliberately, inadvertently, or innocently compromise data under their control.

In summary, while the precautionary items mentioned above may help protect your online experience, they are not panacea. Although a determined attacker can still compromise a users’ data even with a lot of protective mechanism, hackers generally would be more interested in going after easier targets.

Have a happy and safe cyber shopping!



Cyber View Points

After much contemplations, I've decided to start writing about things that are thought provoking and offer alternate view points on cyber-related matters. I will try to use this blog -- Cyber View Points -- to dig deep into issues that are not often talked about in any medium -- print or online.

I will try to address and offer my opinion on events, news, and topics in the areas of online privacy, identity theft, cyber crime, cyber security, digital forensics investigations, physical security, and training.

I encourage you to share your thoughts in a manner that does not hurt other individuals or businesses but cause people to do their best in securing the cyber space.