Enjoy A Safe CyberLife
Shopping Online More Safely
Shop on secure sites. Only use websites with “https” in the URL and a yellow padlock in the browser bar. Double-click on the lock to see a digital certificate of the website. Review these certificates on unfamiliar sites.
Enter correct URLs. Hackers often buy misspelled domains to trick people into entering personal information.
Never email personal information, especially your Social Security number or password and bank accounts as part of the buying process with online retailers.
Leave suspicious websites immediately. Don’t click on any of the site’s buttons, run content or download software.
Read retailer reviews before ordering. Pricegrabber.com compares prices and users’ comments on retail websites. Google Product Search, slickdeals.net and dealnews.com monitor retailers, site performance, possible issues and deals.
Use a credit card, not a debit card. Your debit card is cash. If you buy from a fake website, it’s gone … and it’s hard to get back.
Use a virtual credit card number, instead. These are single-use (also called disposable, secure or virtual) credit card numbers. A single-use credit card number is basically an alias for your actual credit card number offered by most of the major credit card issuers. When shopping online, you use this number instead of your real account number. Purchases that you make with your temporary number show up on your statement like all of your other transactions.
Read website return and privacy policies before making purchases. If there’s any doubt about fairness, find another site.
Never pay for anything upfront online. Use a service such as PayPal or a credit card that has buyer protection. Do not link your PayPal to your checking or any other account that can be immediately withdrawn from.
- Maintain anonymity. Try to remain as anonymous as possible online.
- Trust your gut. If it feels weird, it’s weird.
- Be aware of techniques for redirecting website users to “cloned” replica sites without their knowledge, also known as “pharming.” Watch for odd error messages, unexpected page layout or content or other strange site behavior.
- Create a new username and password for different sites.
- Leave it! If you suspect a website is not what it claims, leave it immediately. Do not click or run any content or software.
- Do not connect to free Wi-Fi access points. It might be the evil twin of a legitimate access point, set up to intercept your logins and online transactions.
- Do not use cracked/pirated software. These are great avenues for introducing malware into or exploiting weaknesses in a system. This also applies to P2P (peer-to-peer) illegally distributed audio and video files.
Preventing a data breach
It is almost impossible to be in business and not collect or hold personally identifying information - names and addresses, Social Security numbers, credit card numbers, or other account numbers – about your customers, employees, business partners, students, or patients. If this information falls into the wrong hands, it could put these individuals at risk for identity theft.
More than 10 million people are hurt by identity theft each year with a cost to American businesses and consumers exceeding $50 billion.
Laws and liability to business
Laws that help protect consumers from identity theft hold businesses accountable for the information they allow to fall into criminal hands. Lawsuits, stiff fines, and even jail time for executives accompany the bad publicity businesses receive when customers’ private data is breached.
The primary victims of identity theft are often not the individuals whose personal information is stolen. Businesses in possession of customers’ personal information and data also become victims.
Deter identity thieves by having a data security plan to protect personal information in place. A sound data security plan is built on five key principles:
Take stock. Know what personal information you have in your files and on your computers.
Scale down. Keep only what you need for your business.
Lock it. Protect the information you keep.
Pitch it. Properly dispose of what you no longer need.
Plan ahead. Create a plan to respond to security incidents.
Go to www.business.ftc.gov/privacy-and-security for more information on protecting personal information. You can also take an interactive tutorial to determine how your company’s practices measure up – and where changes are necessary.
Cyber liability coverage can be affordable and offer peace-of-mind protection should a breach occur. You may want to consider adding cyber liability coverage that provides services such as review of breach by legal counsel, forensic analysis to assess the extent of the breach, notification and monitoring services for affected individuals. Talk to your agent for more information on what coverages are best for your business.