Cyber Monday: 10 Tips To Avoid Being Hacked

With the holidays just around the corner, more shoppers are expected do their holiday shopping online this year than ever before. And tucked away under the auspices of their company's cubicles, many of them will do it the Monday following Thanksgiving holiday -- a day known in the commercial world as Cyber Monday.

And hackers know it. Unwary consumers thinking they're going to get a great deal on a video game or exercise equipment could be opening the door for identity thieves to swipe their personal and financial information.



And it's not a problem that will be cured with a little holiday spirit. According to security company Identity Finder, a security company specializing in identity theft, more than nine million Americans have their identity stolen every year. The Federal Trade Commission reports that in 2007, the highest category of complaints was identity theft, comprising 32 percent of total received to the category. Meanwhile, consumers reported fraud losses that totaled more than $1.2 billion, almost doubling from 2005.

The takeaway? Shoppers need to apply a few common sense practices when doing their holiday shopping online. "Parents teach us to 'look both ways before crossing the street' but most of us didn't grow up hearing 'make sure your password contains a number' or, 'look for an SSL connection when shopping,'" says Todd Feinman, CEO of Identity Finder.



Here are a few Cyber Monday Do's and Don'ts to keep you on the straight and narrow.

It's always on your "to do" list, but it seldom makes the top five, right? Before you start shopping online, make sure all of your software is up to date. And that doesn't mean avoiding those updates by major software vendors such as Microsoft, Apple and Adobe when they pop up.



Following the release of a patch, attackers are generally tripping over themselves to write the appropriate code exploiting the vulnerability before users can patch their systems. So click the "Update Now" tab as soon as it appears. It really only takes a second, but the latest bug-free software will keep you safe should you visit a malicious Web site.

Creating complex passwords is something you should do anyway, but it's especially important around the holidays, when hackers are preying on busy and distracted users.





Mix the letter cases and numbers,and use at least seven characters if an online order form requires a password. Don't choose a word from the dictionary or use classic passwords that can be easily guessed or researched -- such as mother's maiden name, hometown or elementary school. Passwords can be easily be figured out by hacker password programs.

It's no secret that hackers will pick the low hanging fruit first, so don't make it easy for them. Use your wireless router's security features when surfing the Web. And don't let unknown individuals piggyback on your network so they can peer or try to listen in on your shopping experience. A dedicated hacker can use network sniffers to eavesdrop on your network.

When you're shopping online, especially around the holiday season, use virtual credit cards that expire after one use. Don't use your actual credit card on less familiar Web sites. Malicious phishing sites often impersonate legitimate Web sites, in order to steal your credit card numbers, passwords and other personally identifying information. Better to be out a few dollars than to give the hackers carte blanche to take out a second mortgage on your home with your credit information.

See that little padlock symbol at the bottom of your screen? Make sure you can see that little guy, especially when you're making some kind of financial transaction. That is to say, don't purchase your new Wii online if you don't see one there. The padlock indicates an SSL VPN connection, which keeps your information secure when it's sent online.

Don't wait until you get the word that you just purchased new camping equipment online with your credit card and somehow can't really remember doing it. Stay on top of your credit and get a copy of your credit report regularly during the holidays, which shows all of your accounts and overdue balances.

It might seem like a no-brainer, but don't leave passwords in your desk, or on a Post-it on your computer monitor. Don't save them in your Web browser. To avoid the pitfalls of remembering passwords, invest in a password manager. This little piece of technology encrypts all of your passwords. All you have to do is remember one to access the device.

Steer clear of links embedded in spam messages. They're most likely sent by phishers and will cause you all kinds of trouble. Instead, type in the vendor's Web address manually into your browser and visit the site directly if you're looking to purchase something online. Those few extra seconds could save you from months of headaches trying to re-stablish your credit.

Needless to say, you're upping the odds that you'll avoid an attack if you're working on your own computer. Avoid making financial transactions from a public computer in an airport or coffee shop. Public computers could have spyware or keystroke loggers designed to record your information as you type it. What your mother said -- don't touch it, you don't know where it's been -- still applies here.

Wait! Don't send that credit card information over e-mail. Even if you think it's secure. Don't send it over IM either. If you feel uncomfortable about sending personal information online, call up the business -- if you trust them -- and read them the credit card number over the phone. While nothing is foolproof, you're more likely to avoid hackers snooping around your network.