Black Friday and Cyber Monday. These are two of the largest shopping days every year, and every year you hear security experts warn about the dangers of bad links and malware infested emails promising the best online deals. Although it is the same old story year after year, it continues to be relevant, because let’s face it, it works. For tips on what you can do to safely shop online, visit our other blog post, 4 ways to avoid holiday phishing on Black Friday.
While being diligent with your online shopping is important and necessary, there are a few other steps that you can take to help protect your information throughout the holidays. Over the next few days and weeks, many people will find themselves traveling to visit with friends and family to celebrate. Use these tips to help stay safe this year.
1. Turn Off Your WiFi
WiFi is a wonderful thing for mobile phones and tablets. It allows you to connect to other devices that are not on your cell carrier network and helps you establish connections when signal strength would otherwise be insufficient. WiFi also helps you save on data by passing some services over the WiFi connection rather than your carrier’s network. Unless you have an unlimited data plan, it can be easy to creep up on your data limit while streaming music on the road, tweeting about how embarrassing families can be on Twitter, or posting the perfect Thanksgiving plate on Instagram. Charges for going over your limit are not cheap, so it is certainly tempting to soften your data load with WiFi. Those savings could be used for Black Friday shopping!
However, those savings may be costing you are more than you realize. It is important to be mindful of what networks you connect to with your devices so you can stay safe this holiday season. If a WiFi network is open without a password or using poor authentication, what you type or any data you send from one of your devices, whether it be a text message, email, or username and password, can be seen by others on that network. Cybercriminals are known to setup hotspots in public places for others to connect to and name them appropriately. For example, if you stop at a fast food chain, you may find a Fast Food Chain Guest WiFi.
Also, check your device settings before you leave. Even if you decide to stay away from WiFi networks, some phones are set to connect to one if you are in range automatically. If that’s the case, you may find yourself on an unsecured network without even knowing it.
2. Setup Two Factor Authentication (2FA)
Before heading out on your trip, take a few minutes to set up two-factor authentication (2FA) on your accounts. The most common way two-factor authentication is implemented is by using your mobile phone or email. If someone tries to access one of your accounts that is using 2FA from an unknown device, they would have to enter a username, password and secure pin that is sent directly to your email or phone. Without that pin, access will be denied. You may also want to enable alerts for logons that occur from new devices or locations.
This will help give you peace of mind that you are the only one accessing that information because nothing is worse than getting home and realizing that you purchased a lot more for Black Friday than what you brought home.
3. Avoid Confidential Information on the Road
Many of us are mobile workers. Maybe you forgot to check your bank account balance before getting in line on Black Friday to score your big-ticket item. It could be that you forgot to send your boss the final report for client XYZ before leaving the office. You may be tempted to log into your phone and complete the task before you forget again.
In cases like these, you may find it is best to wait until you get home. You may find yourself surrounded by a large number of people or several unsecured WiFi networks/hotspots, and it only takes one mis-click to find yourself connected and vulnerable. Be mindful of who can see your screen when you are viewing sensitive data. Others in the elevator, the person sitting next to you on the train, or those near you in a crowded space might be eavesdropping. While convenient, the risks can potentially far exceed the reward. Taking a little longer to respond will not usually make a difference compared to the risk of exposing your account or confidential business information to an attacker.
4. Change Your Passwords
One last thing to remember over the holidays is to make sure you keep your valuable data safe by updating your passwords. It might be best to use some new passwords over the holidays to limit damage if they are exposed. As a reminder, NIST recently changed their recommendations on what constitutes a safe password.
Rather than coming up with a long, complicated string of numbers, letters, and symbols that are difficult to remember, they now recommend keeping it long, simple, and most importantly, memorable. Passphrases, for example, are great for passwords. You can make a sentence like ilovetoeaticecreambutnotontuesday! or make it rhyme like thanksgivingfunisplayingfootballinthesun.
By changing your passwords immediately, you are ensuring that any information a hacker may have been able to steal becomes useless.
Safe travels this holiday season and may your data stay with you!