Black Friday is among us and is the unofficial kick off to the Christmas chopping season. Retailers try to get the best deals out there to get your money and the beautiful competition of capitalism takes over for the next 60 days. As a shopper you are looking for the best deals but in the shadows there are a far more dangerous groups of people who enjoy this time of year as well, hackers. Like you, this time of year is like Christmas for hackers because the amount of transactions that are occurring. It is estimated that $60 billion will be spent this Black Friday through Cyber Monday. The majority of the transactions will be done through credit and debit cards and that’s what the hackers are hoping for. Your information out there in the pool of millions of others and the chance that one retailers will slip up and exposed them all. Target slapped the country across the face with reality of how flawed the current transaction systems are and most just keep on doing the same things without changing their habits.
I want to lay out a few simple things you can do now to strengthen your financial security on your accounts and information in the event of an unfortunate breach:
- Change Your Online Passwords – You should be doing this regularly anyway but before the holiday season reset all your critical financial website passwords. I wrote a password best practices, go back and read that on how to create proper passwords. Another password post you may find interesting.
- Set Up Spending Amount Alerts – Most banks have alerting features on your accounts to email you if your balances get below a set limit but on the flip side can alert you if you have a large transaction as well. For example, if your normal practice is to never have more than $200 at once, setup an alert for that. If there is an unexpected charge on your account, you can be alerted to it as soon as possible rather than waiting until your statement.
- Flag Your Credit Report For Authorization On New Accounts – Did you know you can call your bank or the major credit agencies and flag your account in such a way that any attempts to open new cards requires your verbal authorization? Depending on the bank there is a month fee for this ability but it’s worth it. If your data is compromised at a minimum no new cards could be opened.
- Use Credit Cards, Never Debit Cards – In the world of online transactions debit cards are convenient but terribly risky. If your debit card is compromised the hacker has direct access to your cash. It’s like sticking their hand into the piggy bank and walking away with the money. There are very few protections on getting that money back if this happens. Credit cards have liability protections built-in because you are technically not spending your money but the bank’s. If your credit card is stolen you can not be liable or responsible for the charges. Debit cards, the money is gone, gone, gone. But if you have the money in your accounts to use a debit card, take few extra minutes and withdraw the amounts out of the bank and use cash. Cash is still king.
- Use Extra Diligence And Observations When Shopping Online – When shopping online you are on your own. Be aware of where you are, how you got there, never click on links in emails, check the websites security, and double-check before you enter any credit or personal information on a website. Stick to the major ones, always use a credit card NEVER a debit card online, and watch your statements. I have a prior blog post that I go into greater detail on safe Internet use.
- Scrutinize Your Email – Tis the season of email phishing, attempts to trick you into entering your passwords and/or personal information into a hacked website. Email is evil, never trust it. It’s so easy to spoof, trick, fool you into thinking something is legitimate when it’s not. Slow down and read the email, look for spelling mistakes and if you doubt a link, never click on it. Always remember no company will EVER ask you through email to login or your account will be shut off. NEVER, EVER, EVER!!! I also have an email post with more details.
Ultimately be more observant of your accounts, the bank’s protections are more to protect themselves than you. That’s the reality. Don’t rely on retailers or banks to notify you in a timely manner if your information has been compromised. Watching your accounts for unusual charges will be the first indication that something was wrong, especially odd $1.00 or $0.99 charges. Hackers will usually try a few smaller charges on your stolen information first to see if the cards are active then they will do the big ones. Retailers may never know they were hacked so relying on getting a letter is not advised. It your credit score, your money, your life. Be aware.
Most important, be educated and educate others that may not be as technically savvy to know the tips above. Spread the word. The more you know the better and knowing is half the battle.
End of Line.
Binary Blogger has spent 20 years in the Information Security space currently providing security solutions and evangelism to clients. From early web application programming, system administration, senior management to enterprise consulting I provide practical security analysis and solutions to help companies and individuals figure out HOW to be secure every day.