- Using a credit card rather than debit card - this prevents you from needing to enter a pin in public where people can visually capture your input.
- Using Apple or Google Pay - these applications store your credit card so you do not need to physically access the card to use it.
- Using a unique PIN for debit cards - not reusing this pin for unlocking cell phones or as voicemail codes, etc.
- Never sharing passwords, account access, and credit or debit cards with others.
It's Consumer Protection Week - Here's 4 Ways to be Safer Online
Reduce the amount you rely upon search
Search became the answer for all our woes years ago. Can't remember where you stored a file? Forgot the name of the file or when it was created? Can't figure out where a setting went? Not to worry, search to the rescue! The problem with using search this way is that it allows us to pay less attention to what we are doing. We rely upon, or anticipate using search later, which makes us lazier as we are confident search will provide what we need.
What is important to know is that getting a popup that you have been infected does not guarantee you have been infected. In other words, a popup can claim anything but it does not make it true. People who call are encouraged to allow the company to connect remotely so they can "clean their computer". At this point typically one of two things happens. The user either overpays for software to remove malware from their computer that likely never existed in the first place, or worse case, this is when the real malware is installed.
The fix: Close the web browser. If the popup returns, reset the browser to factory settings or if necessary, uninstall the browser and reinstall it.
Most importantly, do not ever let someone remotely connect to your computer unless you know who they are and trust them. Remote control software was created for a great purpose - to allow technicians to help people without physically being in the same location. It can also be used to run updates and install software when users are not actively on their computers, as is the most common case with businesses. Unfortunately, those settings that make it great for remote tech support also make it dangerous when misused.
This is important because we have all been taught to look for the lock symbol next to a website to be confident the site is encrypting our data before transferring it. Unfortunately, it is not enough for a website to have this symbol. The symbol means a security certificate has been purchased for the domain. However, it does not mean it is a trustworthy website or that it is safe to enter your information.
As an example, Wells Fargo's website is wellsfargo.com. If you were unknowingly redirected to wellsfargo.online.com and someone made this fake site look just like Wells Fargo's website, you might be tricked into entering your credentials. In situations like this, the lock symbol does not protect you because you are submitting your information directly to the hackers. While the lock does show the site is secure, if you are using the wrong site, your information is still at risk.
Go directly to a site rather than clicking on a link in an email
Last but not least, clicking on links in emails can be very risky. There are examples of emails with safe links including, but not limited to:
- Newsletters you have subscribed to and trust
- Emails received after clicking a link on a website to reset a password or recover an account
- Deals or product information emails from companies you trust and that you actively signed up to receive
A hyperlink contains two parts: the text describing the link and the actual link destination. The text may look like this: "Check out our sale now!" and appear to have come from a company you subscribe to, but the hyperlink could be pointing to a nefarious website hoping to gather your personal data.