Americans plan to do as much as 15% of their holiday shopping online this year. USA TODAY asked computer security experts for their tips on how to stay safe as you buy.
1. Just say no to free Wi-Fi
Resist the temptation to use free public Wi-Fi. It is a trivial matter for hackers to eavesdrop on your connection and steal your information.
Florindo Gallicchio, Optiv
2. Avoid e-mails offering deals
Don’t click on email offers. Instead, go directly to the retailer’s website to find deals. Same thing goes for promo codes — don’t click those links to copy the code, but instead copy it and use it directly on the retailer’s website. Even the most legitimate-looking email could be from hackers phishing for account info.
John Kuhn, IBM Security
3. Don’t be lazy
If you need to create an account with an online retailer, do not use the same email address and password you use anywhere else. This is such old advice it may seem obvious, but many attacks are still successful because people reuse the same combination of email address and password in multiple sites, and attackers know it. It’s not worth the risk.
Geoff Webb, NetIQ
4. Use apps, not your phone’s web browser
Apps for sites like Amazon and Wayfair typically have an extra layer of security and encryption, making them safer to use when you’re out in public.
Morey Haber, BeyondTrust
5. Eschew convenience for security
Never save your credit card information in retail sites and web browsers. If they haven’t stored it, it can’t be stolen from them.
John Kuhn, IBM Security
6. Credit, not debit
When shopping online, use your credit card instead of your debit card. If something goes awry such as making a bad purchase with a malicious online retailer, it is usually easier to resolve any issues with your credit card company than with your bank (or at least the money is not deducted from your checking or savings account).
Lane Thames,Tripwire
7. Open your statements
Pay extra attention to your bank and credit card statements come January and February. Even small charges you don’t remember making can be a sign of fraud. If you see an unknown charge, call your bank immediately and report it.
Tim Erlin, Tripwire
8. Embrace phone-based payments
Retail data breaches have led to the compromise of millions of credit cards. Mobile payment technologies, like Android Pay and Apple Pay, cannot be cloned like traditional magnetic stripe cards. Consider using these technologies in your holiday shopping to keep your cards safe from thieves.
Ryan Olson, Palo Alto Networks
9. Don’t leave your phone unlocked
For God’s sake, set your phone to require PIN or fingerprint to access it!
Jeff Schilling, Armor