The holidays are upon us again…. giving, buying, travelling … and paying for it online, more and more. That’s what cybercriminals love. But you know better… this year you won’t be fooled, especially with these timely tips.
Holiday cybersecurity tips
- Use your own device. When making online purchases, use your own personal devices as much as possible. Avoid entering your credit card and other personal information on public computers.
- Turn on private browsing. If you use a public kiosk or computer, be sure to turn on Private Browsing, and clear your credentials in any apps before logging out.
- Use VPN if connected to public WiFi. When connected to a public WiFi (e.g. at a coffee shop, hotel, resort, even when using your own device) you can use McGill’s VPN (Virtual Private Network) to secure your WiFi connection. Plan ahead and install the Cisco Anyconnect VPN app.
- Update OS and Software. Keep your operating systems and browsers up to date with the latest security patches.
- Use an antivirus software. Be sure to install an antivirus software, with web threat protection; this will warn you when you go to a site that isn’t secure and will ensure no malicious software is running on your computer, waiting to log your keystrokes and steal your credit card data.
- Only shop at secure and reputable websites. Look for “https” in the web address, and the lock symbol in your browser. See 6 Cyber Security Tips for Holiday Shopping Online
- Sharing holiday photos? Be careful about who you allow to see online photos of yourself, friends and family members.
- Think before you click. Email is still the easiest way for cybercriminals to get hold of your personal information – username, password and more. The most recent phishing scams have been playing on the theme of file sharing, with emails that mimic generic notifications from file sharing apps like OneDrive, SharePoint, Dropbox, etc.
If you’re not expecting to receive a link from the sender, don’t click on it; instead, follow up with the sender to ensure it is legitimate (and not by replying to the email).
- Beware of holiday e-cards! Cyber attackers can spoof the FROM address, so that emails appear to be sent from a person you know. Legitimate e-cards are sent directly from the company, and you can verify their website.
- Check this list twice - McGill’s list of reported phishing and other security alerts