Cybersecurity Expert Offers Holiday Shopping Tips

Nov 23, 2018

Cyber Monday has grown in popularity as companies offer online deals the Monday after Black Friday. As people use different platforms to make these purchases, their personal information may become vulnerable. On this week's Friday Forum, WNIJ's Jenna Dooley talks with an expert who teaches cybersecurity in the Department of Computer Science at the University of Illinois.
 

Credit Pixabay

John Bambenek says people who try to steal your information mimic brands you're familiar with. He suggests going directly to the websites where you want to make a purchase.

"Be wary of things being advertised over email or text messages," he said. "In the week before Thanksgiving, we've identified a few hundred malicious applications in the Play Store or the App Store that exist really for the purpose of trying to steal credit card information or other personal data."

He says shopping on public Wi-Fi like in a coffee shop or library isn't necessarily a risk.

"When people think of public Wi-Fi, people can be snooping, but encryption defeats that," Bambenek said.

He cautions that if you are making a purchase through a public connection to pay attention to any warnings that may pop up. "You may get on your phone or on your laptop and it says, 'This connection may not be secure.' Your computer will give you hints that something is up."

John Bambenek
Credit University of Illinois

He adds that if you're on public Wi-Fi, other people next to you might be having the same problem. If you're all having the same problem simultaneously, he warns, somebody's doing something bad.

"Go talk to the cashier and go do your shopping elsewhere," Bambenek said. "But by and large for everyday consumers, it's safe enough for purchases."

As people get more comfortable making purchases online, they may store their credit card information. He says it is likely safe if it stays on your personal device.

"To be honest, my concern of [storing] it with my phone is my kids making purchases," he joked. "I'm an iPhone user so I can speak probably more intelligently about Apple. They do a lot of things to keep that information secure."

With dozens or hundreds of personal passwords to keep track of, some companies offer a way to store those passwords.

"It really encourages people to do strong passwords," Bambenek said. "I personally use LastPass, but don't take that as an endorsement. Go do your own research where you can have these strong passwords out there so that if somebody breaches the website or whatever, they're not going to be able to use that. And more importantly you'll have unique passwords for everything."

As Cyber Monday transitions into Giving Tuesday, Bambenek says there are secure ways to give to charitable organizations or individuals online like PayPal, GoFundMe, or Venmo.

"My concern with that is making sure that you're donating to reputable charities where the money is actually going to what you think it is," Bambenek said. "Right now with the previous week and what's going on in California with wildfires, we often see kind of fraudulent charities that crop up that really try to redirect philanthropic money towards scammers."

Finally, Bambenek says not to panic if your personal information is compromised.

"It happens and there may have been nothing you could have done," he said. "I work in cybersecurity for a living and it happens to me. Pay attention to banking and credit card statements. Be proactive about it. You aren't going to be liable for the charges and you can get a new card sent out with minimal disruption to your life."