Online shopping is now a part of our entire life, and many cannot imagine their daily routine without it. With a few clicks, and a delivery person has brought pizza or food right to your door, while movie tickets go directly to your mailbox.
This requires a lot more, and not a bit of vigilance: not only online shops and services are after your money, but also scammers. Today Kaspersky will talk about the tricks of cybercriminals and how to protect your funds when shopping online before the end of 2022.
Attackers constantly target user accounts in e-commerce related services. Why? Sometimes things are very simple: they want to get access to the payment card linked to the account and have fun with the funds you have. Without a doubt, the consequence of account hijacking is that it can lead to immediate monetary loss.
Of course, there are more complex cases when hacked accounts are used for various fraudulent schemes, for example to deceive other users or online services, as well as to launder and cash out funds.
This means that if your hacked account is used for illegal activities, it doesn’t necessarily result in a direct loss of money. However, your reputation is also at stake with all the inconveniences that come with it.
Here are some simple Kaspersky tips to help protect your data and money when shopping online:
Use a strong password
Of course, hardly anyone forces passwords these days by entering them one by one. But even with modern cracking methods, shorter, less complex passwords are far more vulnerable.
So, the rule still applies: the longer your combination, the less likely it is that cyber criminals will pick it up. We recommend using at least 10 characters — even for insignificant accounts. And for really critical accounts, it’s better to make the password twice as long.
Another dangerous habit is using the same password for multiple sites. Having retrieved the credentials for one account, cyber criminals are unlikely to stop there and will try to log into other services with the stolen username and password.
You can design your own password generation system, or use a password generator to generate strong random combinations. And so you don’t forget them, you can save your credentials in a password manager, which usually includes a password generator as well.
Use a VPN to connect to public networks
A secure connection encrypts all traffic and can therefore prevent attackers from intercepting your login credentials and payment details. Check here on how to choose the best VPN app.
Don’t link bank cards (both debit and credit) to online shopping accounts.
In particular, attackers like to steal accounts that are rarely used — this way their actions will go unnoticed for much longer.
Therefore, it is worth linking a bank card only to frequently visited online stores, and make sure that the account is not hijacked and that no suspicious transactions have appeared in the purchase history. In other cases, it is safer to reject the “remember card” option and enter the number manually.
Pay with a payment service
Payment services, such as Google Play or PayPal, store your data in encrypted form on secure servers. The vendor or shop where you shop only accepts the virtual account number assigned to the card by the service. Because your card data is invisible to vendors, this makes the financial process safer from unscrupulous sellers, data leaks from sites, and data interception during transmission via the internet.
Have a separate card for online shopping
Have a separate card for online purchases, and save minimal funds for it. Even if an attacker knows the details of this card, they still won’t get your hands on your main source of money. It is best to top up the card immediately before making a purchase and only with the amount you are willing to spend.
Track your payment history
Prepare transaction notifications, and check payment history regularly. If you find anything suspicious, contact the relevant bank immediately. Any unexpected discharges, even small amounts, should be watched out for, as they may be scammers launching attack trials. Also be on the lookout for the first automatic payment activity for a subscription that you have never requested before.
Use reliable protection
These simple rules for protecting data and money will make your online shopping experience safe and secure. To avoid the tricks of cybercriminals, read Kaspersky’s post on how to recognize online fraudsters. Use a reliable security solution that automatically detects and blocks phishing sites.