Stay Safe While Shopping Online This Holiday Season with Tips from NSU’s Computer Experts

FT. LAUDERDALE-DAVIE, Fla. – “Internet users are constantly targeted by spam, ‘phishing’ scams, identity theft, and any number of other online attacks,” said Gurvirender Tejay, Ph.D., one of Nova Southeastern University’s (NSU) information security experts from the Graduate School of Computer and Information Sciences. “Most of these fraudulent activities prey on the kind-hearted and the generally trusting nature of our society.”

Don’t become a victim while shopping online this holiday season. Instead, stay ahead of would-be internet crooks by following these expert steps to stay safe during online interactions:

Open sesame is not so good. Use a combination of alphanumeric and pass phrases to create strong passwords that are difficult to guess or break. Do not record passwords in accessible spaces such as your desk drawer. If you want to store the password on your computer, do encrypt that file using encryption software from a recognized vendor such as PGP to make it unreadable by others. Do not share your password, secret code, or answer to the secret question with anyone. Finally, remember to change your passwords on a quarterly basis.

No independent second life. Be aware that your virtual life is not separate from your real life. Any data provided on social networking websites (including emails, chats, blogs) leaves an electronic trail and has the potential to be viewed by other users. So, practice prudent posting and create usernames or email addresses that do not contain any information that is directly traceable to you. Don’t forget that even if you delete the information, the data may still exist.

Look for the lock for trusted websites before engaging in any online transaction. The small “lock” icon in your web browser will tell you whether the transactions are encrypted or not. Also, secure websites usually have an address starting with https:// instead of http://. Finally, check the site you are visiting for webseals of approval such as BBBOnline, Truste, WebTrust, and Verisign. These webseals are awarded to merchants who abide by information security and privacy guidelines outlined by the government and industry groups.

I am not the weakest link. With a little caution and awareness, an individual can serve as the strongest defense against social engineering attacks. These attacks involve tricking people to divulge confidential or private information to perpetrate a computer crime. Be prepared to say NO. For example, if you get a call claiming to be from your bank technology support, do not provide any confidential information (such as account number or password) at that time. Instead, call back using the phone number from your records. Social engineering attacks may also be carried out using emails or automated software programs. Always check the source of any email or automated program.

Not so private computers. Be careful while using a public computer or wireless networks including Wi-Fi hotspots. While using computers provided in the library or at an Internet café, do not allow automatic log-on or the option to remember your username and password. Also, don’t forget to delete visiting history, cache and cookies after use. Avoid online financial transactions while using public wireless networks.

Email safe sense. Do not open or click on any suspicious email. Make it a habit to never fill out forms or provide information through links provided in an email, instead go directly to the website of the merchant by typing the web address and then fill out the online form if necessary. Use encryption when sharing sensitive personal information online. PGP has easy to use products for these purposes.

Avoiding online fraud can seem like a tricky proposition especially during the holiday shopping season, Tejay said. “Criminals develop new scams every day, but with a few simple safety precautions you can greatly reduce the likelihood that you will fall victim to an internet crime.”

He also cautions consumers against providing too much information, especially during business transactions. “We need to develop a pragmatic approach toward protecting digital information,” Tejay said. “Nowadays, corporate institutions have a tendency to collect additional customer information that might not even be necessary to conduct regular business. While we need to hold corporate institutions socially responsible, it is also important to remember the basic tips for safe ONLINE interaction.”

Media Contact:
Andra Liwag, NSU Office of Public Affairs
(954) 262-5309 office, (954) 873-8494 desk, andrali@nova.edu