Dive Brief:
- Cybercriminals are prepared and ready to target online shoppers with fake websites, malicious links and fake charities, the Cybersecurity and Infrastructure Security Agency warned as the holiday shopping season gets underway.
- “By following a few guiding principles like checking your devices, shopping from trusted sources, using safe purchasing methods, and following basic cyber hygiene like multifactor authentication, you can drastically improve your online safety when shopping online for gifts this year,” CISA Director Jen Easterly said in a statement.
- The federal agency shared tips for individuals to limit cyber risks while shopping online, and encouraged organizations to review guidance it released last year with the FBI to manage cyberthreats during the holidays.
Dive Insight:
CISA advised individuals to make sure their devices are up to date with strong passwords or multifactor authentication enabled on accounts where it’s available. MFA can keep accounts protected from attackers even if passwords are compromised, the agency said.
Sticking to trusted sources for shopping can also mitigate risk. Individuals should think about how they’re searching or finding deals and take steps to ensure they’re on the correct vendor’s website.
And when it’s time to fork over the money for a purchase, individuals should understand how their information will be stored and used. Safer methods include payment gateways such as Apple Pay, and CISA encourages shoppers to use a credit card instead of a debit card, if possible.
“Your cyber safety should be treated like your physical safety,” Easterly said. “Stay vigilant, take steps to protect yourself and trust your instincts. If you see something that doesn’t look right, there’s a good chance it isn’t.”
