The combination of online holiday deals and shoppers quickly buying lots of items creates a fertile field for cyber criminals to steal personal information.
Cyber security expert Michael Madon is with the company Mimecast. He also works with the U.S. Defense Department and has helped guard against online threats against the U.S. Treasury.
“While we’re all hunting for the hottest deal, cyber criminals are hunting for us. For them, it’s Cyber Monday too.” – Michael Madon, Mimecast
Madon says online shoppers need to be especially wary of clicking on links in pop-up ads or opening email attachments offering holiday deals. He says they could actually open portals for online crooks to obtain a person’s financial information.
“When you’re shopping and you have these impulse buys? Just keep in mind while you’re hunting for the hottest deal, the cyber criminals are hunting for you. For them, it’s Cyber Monday too,” Madon said.
Homeland Security officials also caution that fake charity sites often appear during the holidays.
They say it’s best to go directly to the home web site of a charity or retailer before making any online payments.
Click on the player above to listen to an interview with cyber security expert Michael Madon, and read his suggested precautions for online holiday shopping below.
1. Shop on a secure Wi-Fi network
“Wi-Fi you know is good, Wi-Fi you don’t know, not so good,” says Madon. He recommends only entering personal data like credit card information when using a secure, personal network.
2. Know your vendor and avoid pop-up deals
“If it’s too good to be true, it probably is” says Madon. He says you may see pop-up ads that offer amazing deals, but these could be fake deals attempting to get you to shady websites that steal your information.
“Go directly to the vendor’s website, or, better yet, download their app and go in through their app,” says Madon. He says stay away from pop-ads in general.
3. Don’t send gift cards as payment or to make donations
“These cards are basically like cash, and they’re basically untraceable, so it’s really easy for scammers to get away with their crime,” says Madon.
4. Don’t email or text personal information
“No legitimate banking institution will ever ask you to provide personal information by email or online,” says Madon. He says texting may be perceived as safer than other means of communication, but it’s not.