Hacking The Holidays: Protect Your Credit Card Information

Unfortunately, the Grinch is not the only one out there wishing to steal Christmas.  While the holidays generally encompass a time of joy and giving, it can also bring with its share of troubles.  It is during these times that people will most often let their guard down.  In the search for the best deal, or perfect gift, people will often overlook or forget about Internet safety precautions.

Cyber criminals love to take advantage of the holiday season

From websites offering incredible deals on the holiday’s biggest gift to sites offering Grandma’s homemade fruitcake, users must be careful about with whom they are placing their confidence when purchasing items.  Malicious criminals will often create fake websites, or even try and hijack vulnerable sites, to intercept purchases and steal credit card information.  With all the debits coming from the purchase of Christmas gifts, many people do not see that extra cash has been withdrawn from their bank accounts.  For some, their credit card information is sold on the black market to the highest bidder and it could be months before any type of activity is noticed.

Is the solution to return to onsite physical shopping?  While many of the online schemes can often be sifted out, it can be much harder to detect whether a store is taking all steps necessary to protect your information.

It is not just through false, or hijacked, websites that criminals are procuring your information.  The holiday period will generally see a rise in spam emails that offer the best deals in hopes of attracting your attention.  These emails may contain nasty surprises that would seek to harm or hijack your computer.  Email greeting cards are high on the list of items that are most often tainted.  Most of these generally require some form of client side extension to run, like Flash or Java.  By viewing the card, you could be one step closer to having a hijacked computer that is now doing someone else’s bidding, or even gathering your personal identifiable information.

Tips to protect your credit card information

There are many things you can do to protect yourself during the holidays.  Some precautionary steps include:

  • When shopping online, check to see if the site is using a secure certificate and is employing SSL to secure your data in transit.  This can often be done by looking at the address bar in your Internet Browser.   Google Chrome users can often see a little lock that will show whether a site is using SSL by displaying a green lock to the left of the web address.
  • Use sites such as Ripoffreport.com to check if other people have reported the site as fraudulent.
  • Visit the Better Business Bureau website and check for a company’s validity.
  • If you receive any of wonderful email greetings from people you know, it might be best to first contact the sender and ask if they, in fact, sent the email.
  • Make sure to keep up with updates on your computer so all the latest security patches are applied.  This includes updating your Flash and Java extensions as well.
  • When performing updates, always make sure to go to the actual website when possible so you don’t accidentally install one of those fake, malicious update.

A great way to protect your credit card information is to use a prepaid gift card to make your Christmas purchases.  Using this method can protect you from many types of pitfalls.  If the card is stolen, only a set amount of money would be lost.  In addition, if a site or store is compromised, the card will be limited in the amount of money that can be stolen.  An added bonus is that it will also help keep your spending down.  By setting a limit, you can more easily control your spending habits this holiday season.

The most important thing to remember is that you can never be too cautious.  At A-LIGN, we deal in web safety all the time and we want everyone to have a safe & happy holiday season.  So stay alert, be proactive about checking for security when shopping online and make sure emails you receive are indeed from those that sent them!

Author:  Stuart Rorer, Senior Consultant at A-LIGN