Cybersecurity Checklist For Holiday Shopping & Travel

For many in the U.S., the Thanksgiving weekend officially begins at the end of today’s work day and thus starts the beginning of the holiday season. This year there will already be enough pains to deal with: congested roads, packed stores and airports, not to mention messy weather. One headache you can avoid is Cybercrime, so take these fairly simple steps to keep yourself and your gadgets secure while traveling and shopping.

 

Traveling Tips

Whether you’re traveling cross country, around the globe, or just over the river and through the woods to Grandma’s house, here are some easy ways to keep your personal info secure in the wild.

Back It Up & Lock It In

Securely back up any important data on your device and keep it in a safe place at home or work. After backing-up, make sure your devices are well protected with a password and disk encryption. Consider leaving devices with really important data at home.

Clean & Sanitize Your Devices & Luggage

A simple way to cut back on the amount of personal info you carry around with you while you travel is to remove any unnecessary personal items such as extra credit cards, ID’s, USB’s, etc. from your luggage. You can also digitally clean up your devices, by sanitizing your computer and ensuring that no sensitive corporate or personal data and also deleting your browser history, cookies, and stored passwords in case your device is compromised during your stay.

Stay Secure on Public Wi-Fi

Public Wi-Fi is both a blessing and a curse.  It provides us flexible, cheap/free access to the WWW on the go, and what’s better than free internetz? Unfortunately, this is the exact selling point that attracts many scammers and fraudsters to public Wi-Fi, and it’s vital to not let caution to the wind when using public Wi-Fi.

If you’ll be in and out of airports or public spaces this holiday season, it’s worth your while to purchase a VPN (Virtual Private Network).  Definitely use a VPN if you plan on using your credit card info over public Wi-Fi, but with security dangers not totally displaced with a VPN, try and limit your purchases when using public Wi-Fi. Keep in mind that the 3G/4G connection on your device is more secure than using public Wi-Fi. Disable any file and printer sharing settings and disable Bluetooth if applicable.

Bonus Tip: Give extra attention to what you post about your travel plans on social media. Criminals will have a much easier time accessing both your physical and digital property if you broadcast where and when you’re going. (Thanks to Duncan Sutcliffe for the tip!)

Shopping Tips

Between Black Friday, Cyber Monday and the rest of the commercial Holiday season, scammers and hackers take major advantage of the increased traffic both in-store and online. Follow these tips to shop safe no matter where you buy from.

Patch & Update Your Computer

If you’re planning on making online purchases, make sure the device you’ll be using as well as your web browser is up to date with the latest patches and updates. Also ensure your browsers are You should also make sure to have an anti-virus application running and receiving automatic updates. Make sure your Wi-Fi is secured and encrypted with WPA2 (Wi-Fi Protected Access, 2nd Generation) before using it to make online purchases and enable your firewall, as well.

Ensure You’re Shopping On An HTTPS URL

The added ‘S’  for Security is the result of combining the security capabilities of the SSL/TLS (Secure Sockets Layer/Transport Layer Security) protocol to allow for short term exchanges over a session key and to encrypt the data flowing between client and server. In short, it provides better authentication of the site you’re using and the server it’s communicating with to prevent man-in-the-middle attacks and ‘eavesdropping’. In e-Commerce it’s highly deployed, but it’s worth a split-second of your time to double check that the sacred ‘S’ in up there if you’re going to be spending your hard-earned money online.

Use Strong Passwords on E-Commerce Sites

We really can’t stress this enough, especially given all the latest breaches that have revealed that we are generally AWFUL about choosing strong passwords. We agree, it’s not easy to remember all your crazy-long passwords, but there are plenty of apps and tools to help you keep up.

Tips for Creating Strong Passwords:

  • Make it at LEAST 8 characters long and include an uppercase letter, lowercase letter, a number AND a symbol.
  • You shouldn’t use your name – first or last – or your company name.
  • Make it gibberish – try not to use a real word at all. If you want to, use a shortened passphrase if it will help you remember. For example, ‘My Favorite Food Is Steak’ could become “MiFfiZst8k!”
  • Finally, make it unique! A best practice is to create a brand new password with every new account. Avoid having to reset ALL your passwords if one of the sites you frequent undergoes a breach.
Use A Credit Card Over Debit Card

Should your card get defrauded, you’re only liable to get your money back if you used a credit card for a purchase, as it’s protected by the Fair Credit Billing Act to reduce your liability in the case of improper use. While credit cards come with their own list of personal and financial issues, they are best for big holiday purchases.

Last but NOT least: Use Common Sense!

At the end of the day, the number one tip we can give you is to use your common sense when navigating the world both in reality and cyberspace. We can’t stress enough the importance of making rational decisions when your personal and financial details are on the line. Don’t click on pop-ups or unadulterated links; incredible offers are probably just that – incredibly fake; and if an offer is too good to be true, it probably is!  You can avoid a large majority of scams and attacks just by thinking twice about what you’re doing online.

 

Related Articles:

The following two tabs change content below.
Sarah is in charge of social media and an editor and writer for the content team at Checkmarx. Her team sheds light on lesser-known AppSec issues and strives to launch content that will inspire, excite and teach security professionals about staying ahead of the hackers in an increasingly insecure world.

Latest posts by Sarah Vonnegut (see all)

Jump to Category