This time of the year is a gold mine for cyber criminals, as shoppers are rushing to bag bargains, and employees are already mentally clocking out for the holidays.
Fake websites and phishing emails promising truly unbelievable offers are rampant.
So with this in mind, we've highlighted 7 tips below to keep you safe in the run up to Christmas and beyond!
Stay up to date
Installing the latest software and app updates is an essential part of protecting yourself. Updates aren't just for exciting new features, they usually contain really important security updates which can protect you against a number of attacks. Turn on automatic updates where you can!
Use strong and separate passwords
Secure your important accounts with a strong password, and do not reuse passwords across accounts. A huge number of the businesses in our investigations have suffered because of weak passwords, and this. Do not use personal information in passwords. Instead, use a combination of random words, substituting certain letters for numbers/symbols.
Turn on two-factor authentication (2FA), now!
2FA is an extra layer of protection which double checks that you are who you say you are when logging in to accounts/applications. A 2FA service will send an extra code to the device that you register it to, meaning that unless cyber criminals have access to that device in some way, they won't be able to log in to your account. If possible, use an authenticator app rather than a text based 2FA service, as this is generally more secure and defends against Sim Swapping attacks.
Use a password manager
Having separate passwords is important, but it can be difficult to remember them all. You could consider using a password manager to get rid of this problem. Be aware that if you do use a password manager, you should make sure that your master password is incredibly secure (see the above rules for creating a good password).
Take extra care over links in emails and texts
Always be wary of suspicious links, in fact try to get out of the habit of following them if you can. For example, if an email is referencing your account in any way and asks you to follow a link to do something, then go and log into your account separately (i.e. not using that link) to check activity there. Same goes for information on deals/coupons/vouchers, you should always look through other channels to verify information. Links could lead to fake websites designed to steal your information or money, and attachments could be malicious files.
Only shop on sites that you trust, and report phishing emails to Action Fraud or hit the Spam or Report button within your email account.
Don't give away too much information
Normally online stores will ask for some information e.g. address, and some bank information to complete a purchase. If a store is asking for personal information which shouldn't be needed such as where you went to school, or your mother's maiden name, then this could be a red flag that a purchase is not legitimate.
Also, if you can avoid it, don't create an account unless you plan to use a site in the future. You can usually checkout as a guest.
When things don't feel right
If something doesn't add up, then take five and take a second look at what you're being asked to give/do. If you're concerned that you may be at risk of cyber crime, then immediately close down your internet browser. Report the details to Action Fraud (0300 123 2040 / www.actionfraud.police.uk) and contact your bank to seek advice. Whether you've been a victim of fraud will depend on how much information you've provided to the website. Keep an eye out for fraudulent activity on your accounts, and for any suspicious follow up activity through emails/texts/phone calls etc.