During the holiday season, the risk of online fraudulent activity is rife. The increase of online transactions provides more opportunities for cybercriminals to attack. Here are some preventative measures online shoppers can take to stay safe this holiday season:

Be cautious of fake websites – There are countless sites that pose as legitimate websites selling trusted brands. Look carefully at domain names, grammar, misspellings and low-resolution images. If it looks unusual, it probably is.
Don’t be fooled by phishing emails – Ever receive suspicious emails asking for personal information or promising great discounts? Never open them without doing a basic authenticity check. If it seems too good to be true, it probably is.
Be wary of public Wi-Fi – Cybercriminals can easily hack individuals’ information from public Wi-Fi networks. Avoid inputting financial or sensitive personal information when connected to a public hotspot. Wait until you’re at home or on a trusted network.
Strengthen passwords – Usernames and passwords are often the only security measures used to prevent your account being compromised. Make sure you have strong passwords that use numbers and symbols, and never use the same password across multiple sites or accounts.
Enable two-factor authentication – More and more services are offering, at a minimum, two-factor authentication. Make this a requirement when signing up for new sites and services.

What if it’s too late and you believe your credentials have already been compromised? Here are some practical reactive solutions:

Change your passwords – If you still have access to your account but are seeing suspicious behavior, change your passwords immediately. If you no longer have access to the account, you can attempt to use the password reset functionality of the affected services. But remember that password reset functions often rely on sending you an email with reset instructions; if your email is compromised, this may well expose more services to the attacker.
Review your credit report – If you have reason to believe that your identity (full name, address, date of birth, Social Security number, etc.) may have been compromised, pull a credit report — it will show any new financial accounts opened in your name and any inquiries performed against your credit recently.
Consider freezing your credit – If you do see new accounts and new inquiries you did not authorize against your credit report, it is in your best interest to freeze your credit. Note: this will not affect your credit score.
Report the theft at IdentityTheft.gov – You’re not alone in the world of stolen credentials and identity theft. The federal government has set up a site (IdentityTheft.gov) to help victims of identity theft. They give you a step-by-step process to follow and an affidavit to fill out to swear that someone has stolen your identity.
File a police report – Contact your local police department’s non-emergency number and tell them the details of the situation. This police report is extremely important for getting accounts that you did not sign up for removed from your credit and removing your financial responsibility for those accounts.
Contact any creditors for unauthorized accounts – If new credit accounts were opened under your identity, contact the creditors and provide them with a copy of the police report. Typically, once the creditor has the police report, they will remove the account from your credit.

About Danielle Jackson

Danielle Jackson is Chief Information Security Officer at SecureAuth