Feature Story

Five security tips to ruin a hacker’s holiday

by Kevin Delaney

Five security tips to ruin a hacker’s holiday

How savvy shoppers can ward off the cyber grinch.

For hackers, Cyber Monday is like Christmas itself.

With millions of shoppers scrambling for online deals and quick purchases — often while multitasking during work hours — they see a gift-wrapped invitation to a holiday party.

But savvy shoppers can avoid holiday cyber scams — if they know what to look for.

That’s especially important this season. With the COVID-19 pandemic still surging, Deloitte predicts a 25-35 percent increase in online shopping. And Cisco Umbrella is already reporting a 40 percent increase in online phishing scams since last year.

See also: Cisco's best security practices for WFH

But those scams don’t have to dampen your holiday season.

Based on expert advice from Cisco security experts like Craig Williams, director of the Talos Outreach Team, the following simple steps will ensure that cybercrime won’t be the grinch that steals your holiday shopping experience:

  1. If it’s too good to be true, don’t click. That unknown website selling the sold-out Xbox? The 90 percent discount from subtly misspelled “Targett?” Chances are those incredible offers probably are just that: incredible. So, think before you click — or worse, disclose your username, password, or credit-card number.
  2. Don’t assume your friend is your friend. With the pandemic, we’re all feeling a bit isolated, especially as the holidays roll around. And friends and family are more important than ever. But that unusual email from your old college friend may not be what it seems. And what looks like a fun attachment — or one posing as an emergency demanding fast action — could be poised to wreak havoc. Again, think — or verify with your friend — before you click.
  3. Manage those passwordsNothing gets a hacker into the holiday spirit like the same weak password used for multiple accounts. But keeping track of different, complex passwords can be a hassle (though not nearly as big a hassle as malware, ransomware, or identity theft). A secure password manager makes it easy to employ a unique password for each website you use. That way, even if you do get hacked, the damage will be limited.
  4. Double the trouble (for hackers). Two-factor authentication is one of the best ways to dampen a hacker’s holiday spirit. The best, like Cisco’s Duo Security, are heavily encrypted, benefit from a vast, global infrastructure, and are simple to use. But any device, app, or service that supports two-factor authentication between different services will be a good choice.   
  5. Stay up to date. Software developers work hard to constantly improve their work, fix bugs, and stay ahead of the hackers. But if you aren’t updating your software, you’re missing out on all those benefits. The good news is that automatic software updates, which were once problematic, are now highly reliable. So, turn them on and forget about them!

Cybercriminals love low-hanging fruit. And for them, nothing says “stocking stuffer” like an unaware online shopper. Your goal as a consumer is to stay off the bad guys’ wish list.

The best thing about this list? The solutions are easy to follow, inexpensive (or free!) and highly effective. So be sure to check it twice. And spread the season’s joy to your loved ones — not the hackers.

See also: In a fast-changing world, IT agility rules

###