BLOOMINGTON, Ind. -- Amid the many warnings this holiday season about protecting your identity while shopping online comes advice from Scott Shackelford, associate professor of business law and ethics in the Indiana University Kelley School of Business and one of the nation's leading cybersecurity experts.
"In some ways shopping online is getting safer," said Shackelford, also chair of the Kelley School's Cybersecurity Program in Risk Management and director of the Ostrom Workshop Program on Cybersecurity and Internet Governance. "For example, a few years ago it was relatively uncommon for many sites to use encrypted https technology, but that's become the norm. However, as may be seen by a quick scan of the news, data breaches continue.
"The good news is that the cost of those breaches is going up with Federal Trade Commission and European Commission investigations ongoing into firms like Equifax and Facebook, and consumer patience is also wearing thin," he added. "One recent survey, for example, found that 20 percent of consumers would not shop again at a firm that experienced a data breach."
Shackelford offers practical advice for holiday shoppers. In essence, there's a lot you can do to become harder targets for cyber criminals, including:
- Consider freezing your credit. You don't need it open unless you open a new credit card or loan, and even then you can unfreeze it for a short window to allow for the credit check.
- Install antivirus and antispyware software, use auto-update, and always enable multifactor authentication on all of your accounts.
- When using public Wi-Fi, use browsers like Tor to make it more difficult for hackers to spy on you.
- Keep all software up to date -- especially Windows, but also programs like Adobe Reader, Flash and Java, which are often convenient backdoors that can be closed through frequent updates.
- Use strong passwords of at least 14 characters, keep them secret, and change them often. Consider starting with a favorite sentence, and then just take the first letter of each word. Add numbers, punctuation or symbols for complexity. And be sure to change any default passwords on your new smart devices.
- Never turn off your firewall; it's an important software program that helps stop viruses and worms.
- Use flash drives cautiously; they are easily infected. In fact, one of the biggest breaches of U.S. military systems to date was due to a flash drive.
- Encrypt sensitive information on your computer.
- Be conscious of what you click on, both in emails and on the web. When in doubt, double check before accessing new files.
- Look for sites with "https" in the URL. Do not use banks or other sensitive websites that do not have the "s."