New research shows that in the U.K. alone, nearly 50% of consumers have no form of insurance for protecting themselves from illegal use of their credit and debit cards and that 38% admit to using the same online password across numerous websites.
In light of the latest figures from Kaspersky Lab, which highlight the risks online consumers are taking by reusing the same passwords on multiple sites and by not having credit or debit card insurance, here are 10 top tips that should help online shoppers protect themselves from cyberthreats, including identity theft, without breaking the bank:
1) The first, and hopefully the most obvious, is never use the same password; if one account is hacked, the cybercriminals now have the login details for every other site, account or online service too.
2) The second is to activate two-factor authentication if the site or service offers the feature. Then if someone (even the rightful user) tries to access an account or service from a suspicious location - eg. a hotspot in Turkey when the true account holder typically logs on from a location in Germany, access will be denied unless the user can also enter a unique numerical code which is sent to the user's phone.
3) When creating a password, never use a 'dictionary' word, as this video shows. If the password has a dictionary definition, it is too easy to crack. The same applies to a dictionary word with an 'i' replaced by the number 1 or an 's' replaced by the number '5'.
4) Consider a password management program or password locker app such as Last Pass or 1Password that automatically generates fiendishly difficult, unique passwords for every online service and keeps them a secret, even from the user. Each time the user visits a site, they enter a master password into the program or app and the app automatically completes the username and password fields.
5) Never click on a link in an email that asks you to update account details or verify passwords. Genuine online retailers and online banking services NEVER send emails of this nature. They always request that a user should visit the official site if changes or updates are required.
6) When out and about, never use a public, non-password-protected wi-fi hotspot for anything other than browsing the web. If accessing the hotspot from a smartphone or tablet, first log out of all apps, particularly those related to online shopping and banking.
7) Ensure that desktops, notebooks, tablets and smartphones are always running the latest version of all operating systems, browsers and apps. Most software updates that are pushed out on a regular basis are done so to patch a vulnerability.
8) Never download or install smartphone or tablet apps from a third-party or bit torrent site. They are usually packed full of malware and other vulnerabilities.
9) When visiting an ecommerce or banking site, ensure that there is a padlock symbol in the browser's address bar and the URL begins with https, not http when when clicking through to the payments page.
10) Read the terms and conditions relating to banking and credit card facilities and check to see if the account offers free insurance against identify theft or against malicious use of debit or credit cards.