Nothing will kill your holiday cheer like good ol’ identity theft.
Shoppers are expected to spend a record $7.8 billion this Cyber Monday, up over 17 percent from last year, according to estimates from Adobe Insights. At the same time, attacks against consumers spike during the busy online shopping holiday, according to OpenVPN, a provider of networking and software technologies.
“Consumers need to be on high alert when shopping during Cyber Monday because scammers and hackers are looking to steal their good cheer and hard-earned cash,” said Adam Levin, the author of “Swiped: How to Protect Yourself in a World Full of Scammers, Phishers and Identity Thieves.”
And yet, just 15 percent of Americans are concerned about cybersecurity when shopping online, according to separate report by ExpressVPN, another VPN service provider.
About 2 in 3 respondents said the convenience of online shopping during the holidays outweighs the risk of a potential data breach, according to the University of Phoenix’s cybersecurity dangers for holiday shopping study.
Further, more than three-quarters of those surveyed admitted that they have “bad online habits” — including using the same password across multiple accounts, allowing social media and applications to access personal information and storing credit card information online. The University of Phoenix surveyed 2,000 adults in April and May, of which 859 have been hacked in the past three years.
“An enormous number of people are footloose and fancy free when it comes to their interactions with retailers over the holiday season,” Levin said.
But if you are not careful, “you are going to become the gift that keeps on giving,” he added.
Levin and other cybersecurity experts offer these tips to steer clear of online scams on Cyber Monday and everyday:
For starters, credit cards offer more consumer protections than debit cards, and the money doesn’t come straight out of your checking account. (It can take days for a bank to reimburse stolen funds, putting you at risk of overdrafts and bounced checks.)
Even better: Opt for a virtual credit card for an added layer of protection, according to Steven Andres, a management information systems lecturer at San Diego State University.
Apple Pay is one of the best payment methods since it sends a temporary one-time credit card number to the vendor, he said, making it a highly secure way to fight fraud.
Stay away from any online promotions via email, text or social media. “Those deals may look like a steal, but they could be a trap for fraudsters to do just that — steal your data and cash,” Levin said.
It’s always safer to enter the URL of a store yourself than to click on a link or attachment, he advised.
To that end, look for “HTTPS” at the beginning of an official retailer’s URL; for example, https://www. and not http://www.
There should also be a closed padlock icon in the address window on the payment page when you check out, said Elad Shapira, a cybersecurity expert and head of research at Panorays — that indicates that the transaction is secure.
Better yet: Shapira recommends shopping through a retailer’s app since apps are less likely to be compromised, making them safer for consumer purchases.
Free Wi-Fi seems convenient, but hackers can also use it to intercept your internet communications.
Avoid using a public, unsecured network, such as at a cafe or store, especially for sensitive transactions, advised Davis Park, director of technology outreach program Front Porch Center for Innovation and Wellbeing.
Use your personal Wi-Fi hotspot or the network connection on your smartphone instead.
Be particularly wary of any request to provide information such as your date of birth, Social Security number, bank account or even your spouse’s name.
The same goes for the information you make available online through social media. Keeping up with distant friends and family is great but “don’t give hackers a digital key to hijack your life,” Levin said.
Make sure have the most up-to-date anti-virus software and that you are using a PIN to lock your phone. In addition, use long and strong passwords that don’t repeat across accounts.
Park recommends 12 to 15 characters with strategically placed special characters or symbols. To help keep track of them all, use a password manager, such as 1Password, Dashlane or KeePass.
Check your accounts regularly for any suspicious activity or unauthorized charges and set up notifications, through your bank or a banking app, which will track your credit card transactions and alert you of account activity.
That way, “you’ll catch it first,” Levin said.