How to protect your data from scammers

Online holiday shopping is expected to reach a peak of $910 billion in 2021—a cybercriminal’s jackpot after a record-breaking year of cybersecurity breaches like Colonial Pipeline and Kaseya. 

Shoppers overwhelmed by stress, and retailers distracted by supply chain challenges and staffing shortages will undoubtedly be more susceptible to phishing attempts and other social engineering attacks this year.

Cybercriminals don’t take time off—and neither should your cybersecurity measures. Individual shoppers and business leaders must stay alert and proactive to protect themselves—now—before it’s too late. 

Here are six ways to protect your data now and in the future.

Beware of phishing scams

Phishing attempts can range from unsolicited emails posing as charitable organizations to bogus package delivery confirmations. People naturally expect to receive a lot of packages during the holiday season and hackers take advantage of this by pretending to be companies like FedEx, UPS, and Amazon to trick victims into giving them personal information that they can use for their gain. Stay on high alert to avoid falling prey to malicious actors’ ploys to steal your private information. 

Be smart about where you spend

To reduce the risk of your data being compromised, buy from merchants you already know and trust. Promotional advertisements claiming to offer incredible deals can be enticing, but you should go straight to a trusted merchant’s main website to make purchases instead of clicking on links you find in emails and on social media.

Use a password manager

Strong, unique passwords are your first line of defense against cybercriminals breaking into your online accounts and stealing your personal data. A password manager gives you a secure place to store all your passwords, and it gives you easy access to them when you need them. 

Don’t use public Wi-Fi

For online holiday shopping, use a secure cell phone signal, or simply shop from the comfort of your home. If a public network isn’t secure, and you log in to an unencrypted site, other users on the network can see what you type—including payment information and passwords.

Enable Multi-Factor Authentication (MFA)

More commonly known as Two-Factor Authentication (2FA), MFA is an authentication method that requires a user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN. By requiring one or more additional verification factors, you decrease the likelihood of a successful cyber attack. Check your applications and accounts to see if 2FA is available (it’s commonly in the form of an SMS code sent to verify your identity) and use it everywhere you can.

Update your software

It’s easy to procrastinate on software updates because they can take up valuable time, and they might not seem important. Unfortunately, skipping patches is a big mistake that keeps the door open for hackers to access private information, putting you at risk for identity theft and more. Though updating your software can feel like a boring workflow disruption, trust me, it’s worth making the time. 

During the season of giving it’s especially important to make sure you’re not giving away sensitive data to scammers. Put these six strategies to work and you’ll be on the road to ensuring your data is secure all year long. 

Caroline Wong is the chief strategy officer at Cobalt, a global, remote-first cybersecurity company with a focus on Pentest as a Service (PtaaS).