Don't let Cybercriminals ruin Christmas: Stay safe from malware with tips on staying safe online from Kaspersky Lab

04 Dec 2009
Virus News

It's the most wonderful time of the year. It's also a great time for Cybercriminals to take full advantage of online shoppers with new and improved ways of stealing your confidential information. Whilst it's convenient to shop online, you can easily fall victim to an attack – even by visiting a completely legitimate website. There are ways however, to keep personal information safe. Here are a few quick tips for safe online shopping from Internet security experts Kaspersky Lab.

1. Know what you're buying and whom you're buying it from.

Fraudsters can set up e-commerce stores under any name to phish for your credit card information. Locate and note phone numbers and physical addresses of vendors in case there is a problem with your transaction or your bill. If you're shopping online and receive a pop-up chat box asking for your credit card details, ignore it and close down the Web site. Legitimate online sellers never ask for information via chat boxes or e-mails.

2. Make sure your transaction is encrypted and your privacy is protected.

Many sites use SSL (Secure Sockets Layer) to encrypt information. Check your browser URL to make sure it begins with "https://" and has a closed padlock icon on the right of the address bar or at the bottom of the browser window. Before entering personal or financial information into an e-commerce site, it's worth taking a moment to check the site's privacy policy and understand exactly how your information will be stored and used.

3. Keep your computer up-to-date and secure!

Be sure to install and keep anti-malware software updated with the latest signatures on your computer. This will help protect you from viruses and data theft Trojans that steal sensitive financial information. Apply all operating system patches in a timely manner and install updates for all browsers and commonly exploited third-party applications. These include everything from Adobe's Flash Player and PDF Reader to Java and iTunes. If you don't know what programs are vulnerable try running a free vulnerability scan from Secunia, available at http://secunia.com/vulnerability_scanning/. Additionally, many operating systems and software programs offer automatic updates. If this option is available, you should enable it.

4. Use a dedicated credit card specifically for online shopping.

It makes sense to shop online with a single dedicated credit card with a low credit line. This limits your exposure to fraud and allows you to protect transactions under the UK PCI Compliance regulations. This lets you dispute charges under certain circumstances and temporarily withhold payments during an investigation. Avoid using debit cards that draw money directly from your bank account.

5. Use strong passwords and security features.

It's a piece of cake for malicious hackers to crack weak passwords and hijack your accounts at e-commerce sites. Get into the habit of using a different password for every online store and, if necessary, write down those passwords and put them in a safe place. When choosing a password, here are some tips to consider:
  • Don't use passwords that are based on birthdays or pets' names that can be easily accessed or guessed
  • Don't use words that can be found in any dictionary of any language. These can be cracked with software tools
  • Develop a mnemonic or passphrase for remembering complex passwords. A passphrase is a sequence of words used in place of a password. They can be more easily remembered than passwords without being written down, thus reducing that risk as well. A memorable sentence can be used to generate the actual password by using the first letter of each word, for example: ‘The quick brown fox jumps over the lazy dog' becomes – 'tqbfjotld'
  • Use both lowercase and capital letters
  • Use a combination of letters, numbers, and special characters

Check back statements and look for discrepancies.

Keep a record of your purchases and copies of order confirmation pages, and compare them to your bank statements. If there is a discrepancy, investigate it thoroughly and report it to your financial institution immediately.

To find out more about Computer Threats visit: http://www.kaspersky.co.uk/threats

To read the latest security news please visit: http://threatpost.com/