How the Grinch (and his band of hackers) stole Christmas

In 2017 Hackers abound and we are all aware of it. However be aware that during the holiday season hackers are extra giving…of phishing attempts, malware, and Trojans, which all help them steal from you or your favorite retailer due to our laziness and lack of knowledge. Below are a list of a dirty dozen things to look out for as we enter the holiday shopping season.

  1. How and where you get online is important.
    • Turns out some choices are better than others. Plugging into a wired network is usually safer than using wireless. Shopping online from your known home or work network is also a better choice than the airport of local coffee shop. Unless you are very sure who has provided the wireless network do not connect. In addition, one must realize that an “open” or wifi hotspot is almost uses null authentication, which means there is no encryption. You can still do this if you follow the following 11 guidelines, but why take the chance unless you need to.
  2. What are you exposing?
    • If you are in a public place, always lock the screen when you step away. Even when you are actively using your device be aware that anyone is close proximity can attempt to shoulder surf and gain your sensitive information.
  3. What apps are you using?
    • Whether you use an app for purchasing, for coupons or comparing prices make sure it is legitimate before downloading.
  4. What online sites are you using?
    • The same logic applies for any e-commerce site you utilize. Make sure it is legitimate before visiting. Also make sure that app download sites are legitimate and not loading a virus on your device.
  5. Does your device have security software installed?
    • Use anti-malware and other security software on all of your devices from which you shop and buy. This applies to mobile devices as well.
  6. Does the ecommerce site using secure communications
    • Any time you are making purchases online be sure that the website is utilizing SSL. Look for the look in the address bar and the https:// as the protocol prefix to the website address. This will help encrypt your personal credit information.
  7. Watch what you type.
    • There are “typo squatters” out there waiting for you to fat finger a legitimate website address and steal your important information
  8. Watch what you click.
    • Do not just click on something because it seems viable. You might get holiday cards, but before clicking look at the URL and who is sending it to you.
  9. Passwords are more important than you think.
    • Make sure that you use strong passwords always (mixed case alpha-numeric-symbolic). Also, use unique passwords for each account to keep a nefarious entity from running through all your accounts.
  10. Is your refrigerator secure?
    • Nowadays everything is connected to the Internet, if these devices have weak passwords they become a potential attack source.
  11. Never store your Credit Card number online.
  12. Beware of package delivery notices.
    • This is another common ploy during the holidays. Many of us would just assume that this is legitimate because it is the season to give (and receive).
  13. If it seems too good to be true…
    • …It is too good to be true. Always check a seller’s details, reviews, and ratings.

Have fun and shop safely. Happy Holidays from CCSI.

John Busso

Author Bio: John Busso is a Senior Network Engineer/Mobility Specialist at CCSI. He has almost 20 years experience providing secure voice and data solutions. John has been a Subject Matter Expert for Enterprise Mobile Solutions such as Guest WiFi and BYOD, providing vision for diverse clients.

John has been an Adjunct Professor and trainer. He holds numerous Industry certifications, including CISSP CWNP, CCNP, ACMP and ITIL. His experience includes working with retail, TNL-Couriers, DC’s and Airports, Healthcare, Education, DOD, Local Government, Financial, Non-Profit-Public WiFi, Entertainment and Hospitality industries. His expertise is in mobility, security, WLAN, WAN, LAN, VoWiFi, RFID, RTLS, WIPS, WIDS, DAS, licensed/unlicensed PTP and PTMP networks. Connect with John on Twitter via @JohnBusso.

The post How the Grinch (and his band of hackers) stole Christmas appeared first on CCSI.

*** This is a Security Bloggers Network syndicated blog from CCSI authored by John Busso. Read the original post at: