nCipher Security survey and tips regarding Black Friday/Cyber Monday security

Peter Carlisle, vice president of nCipher Security, looks at how consumers can keep themselves safe during this year's Black Friday/Cyber Monday deals. 

• Use payment gateways for purchases - many sites use payment gateways which are designed to protect your credit card, debit or PayPal payment methods – they never reveal your credit card information to the merchant. PayPal is regarded as one of the most secure payment methods, but it is recommended that for online payments you connect your PayPal account to your credit card, rather than your debit card, for added fraud protection.  Similar services like Amazon Pay connect your identity with your credit card information, again ensuring a safe payment environment. Credit card companies are also providing new methods for adding an additional layer of security, such as Visa Secure, that confirms your identity when you make an online purchase.

In addition, avoid shopping or inputting personal information on open, unsecured Wi-Fi websites.  Be very careful when using shared computers, as they may have malware, skimming devices or vulnerabilities, and, in many cases, they are not updated with the latest security patches. Also, ensure you have the latest software updates and security patches on your own computer.

• Be wary of malware on retailers' sites. If you see a deal from a company you have never heard of, or worse, make the mistake of going to a site that looks like your favourite ecommerce site (but is not) – check the URL to ensure you are on the right site. Always prioritise using well-known ecommerce companies that have a reputation for strong security. Most established sites have a number of tools to quickly identify or prevent malware. When connecting to online sites, always check that you have HTTPS: in your URL bar, this ensures that your communication with the website is encrypted.
  
  
• Don’t “stand in the checkout line” and simultaneously look at other products.  Just like you wouldn’t leave your credit card with the cashier in a shop and then go shopping for other goods, you shouldn’t leave your payment details open online and then surf for other products.  Websites have a number of links for advertising or information links which, in rare cases, can be used for malicious purposes.
  
  
• Always be careful of emails or sites that ask you for your personal information.  When receiving emails that ask you to click on a link or input information, check the URL to ensure it is HTTPS and rollover the link with your mouse to ensure the site you are clicking on matches where you think you are supposed to go.  Fraudulent links only have to be one letter or number different to take you to the wrong site that can then steal your information.  If in doubt, type in the URL for the main site like Amazon and then go to the relevant section to, for example, track your packages or change your password.