‘Don’t get scammed online this Christmas’
ONLINE shoppers are being warned by a cyber security expert to take care not to fall victim to potential scammers this Christmas.
Bruce McDougall, a director at local firm Black Arrow Cyber Consulting, pictured, said online shopping was the norm for many people and that trend had been further accelerated due to the Covid-19 pandemic.
But he urged people to take care when shopping online.
‘People accessing and buying from websites that they do not know run a greater chance of being the victim of an attack,’ said Mr McDougall.
‘Some websites give you the opportunity to sign in using your Google or Facebook account, but that is sometimes a fake screen that allows the attacker to skim off your credentials and then use them maliciously.’
A lot of people also use the same email address and password for different sites – which means that if an attacker knows a person’s log-on details for Facebook, they could try to use those same credentials to access that individual’s email account or Amazon account.
He said that there were three simple actions that could help increase security online.
‘Use multi-factor authentication. This is where you have to enter more than one piece of information to confirm your identity. For example, in addition to entering your username and password, you would enter a code that is generated from your phone.
‘If you have to use your fingerprint to access the phone that will give you the code, then that is an even greater level of security.
‘So, even if the attacker has harvested your username and password, they cannot access your account because they do not have your phone with the code.’
Using a different password for each website and account is also important.
‘Never recycle passwords. Follow the current best practice, which is to use a string of three random words, but make sure this is not text from a song or other well-known phrase.
‘Surprisingly, it can take years for a computer to crack a password made up of three random words. The problem is that many people try to create a complicated password themselves but in reality they are following a predictable pattern that attackers already know.’
Finally, Mr McDougall said that when making payments online, people should use their credit card rather than their debit card to get better buyer protection.
‘Some providers can give you a disposable single-use virtual credit card that you can use for purchases online, which means that even if the card number falls into the wrong hands, they cannot use the number to extract money from you.’