Holiday season shopping tips
As we enter November, peoples thoughts turn to Christmas shopping and, increasingly in recent years, snaffling some bargains on Black Friday. If, like millions of other shoppers, you’ve decided to shun bricks and mortar stores in favour of online shopping, you will probably be firing up your Windows PC for some serious bargain hunting. Before you fire up the browser and pull out the credit card though, here are some tips to make your online shopping safer this holiday season.
Check your browser – Make sure it is up to date – This is the most important thing to do before you submit personal information like credit card details. Fortunately it’s really easy. If you’re using Microsoft Edge, then Windows should keep everything up to date for you (though you can always check manually too, see the instructions here).
For browsers like Chrome or Firefox, you simply need to open the menu (usually the button in the top right of the window) and choose “Help” and then “About”.
Do not use “niche” browsers – Browsers like Waterfox, a custom version of Firefox, might seem cool, but they don’t get security updates as often as the normal, vanilla Firefox and are best avoided.
Use a password manager – If you shop on dozens of different websites, you should have a unique password for each one. Trouble is, how do you remember them all? Along with your password for your Credit Card (Verified by Visa/Mastercard Secure) and online banking, etc etc. The answer to that question is easy, start using a password manager.
How does a password manager help Protect you online? Password managers, sometimes called password vaults, work in two ways. Firstly, they let you log into sites on the internet much quicker, just by the click of a button. Secondly, they safeguard and remember all your passwords (except one, your master password) Lets take a look at an example.
Bob, who doesn’t have a password manager, logs onto several of his favourite websites while using the internet. A couple of popular online shops, his bank account, his mobile phone service page and his webmail. Bob can only remember a couple of simple passwords which are easy to guess and are transmitted over the internet for each site he visits.
Bob transmits the same easy to guess password to all his sites, because he can’t remember several different ones.
Alice is also a user of the same sites but she uses a password manager utility. When she signs up for any site, she generates a random series of letters and numbers and uses that for her password. She doesn’t need to remember these passwords, because the password manager remembers them for her. All she has to remember is her master password, which is entered into the password manager and NEVER used or transmitted across the internet.
Alice uses a hard to guess, unique password for each site.
Now, if there is a security breach on one of the sites that Alice and Bob have been using, then hackers could gain access to both their accounts. However, in Bobs case, the hackers would also have access to his Facebook, Google, Youtube, all his online forums and his mobile phone and internet banking too, since Bob used the same password for each site. Alice on the other hand, is not so concerned. All of her passwords are unique and they are all random sequences of numbers and letters. The hackers can’t ever get her master password (as long as she keeps her computer secure and memorises her master password, without writing it down) because it is never transmitted over the internet. Alice doesn’t need to worry about her other passwords being stolen since they are all totally different from each other.
Our current favourite password manager is Sticky Password Manager. This powerful little password manager is free to use on a single PC, and can inexpensively be upgraded to work across multiple PCs using local network sync. Beware of password managers that offer to store your passwords in the cloud. This may seem convenient but, this means your master password DOES have to be transmitted over the internet, meaning these systems are considerably less secure.
Learn about user accounts – Learning how to create and manage user accounts will help you with your online shopping in two ways, as detailed below.
Prevent other family members snooping on your browsing history – Don’t want your IT savvy kids finding out what Santa’s bringing them this year. Santa might be able to keep a secret but if they manage to get into your browser history, then all bets are off. Using a separate user account will make sure the kids are locked out from snooping on all your files, including this highly sensitive data.
Beef up security by running as a standard user – By default, Windows creates a single user account as the computer administrator. Even if you’re the only user of the PC, you can improve security by creating yourself a separate, standard user account. This works because, when using a standard user account, apps you run on your PC are prevented from making system wide changes. Although you still have to confirm most system changes on Windows using the UAC prompts, standard accounts beef up security even further, by requiring your administrator password before any changes can be made. Many Windows exploits that trick the user into installing malware are thwarted by the extra layer of defence that standard accounts provide.
Standard accounts are also a MUST for children, who will be prevented from experimenting and changing any system wide settings.
Steer clear of bad websites with Malwarebytes – For another layer of protection, consider installing Malwarebytes anti-malware. This package actively scans websites and has a black list of thousands of bad sites that may try to sneak malware onto your computer.
What’s more, Malwarebytes operates a full “bug bounty” program, rewarding security researchers for finding bugs and security problems in their software, meaning there’s always an incentive for hackers and security researchers to report bugs directly to the company, rather than for them to be tempted to sell that information on the black market, for instance.
Phew, this little article turned into quite the security lecture! By following all these steps, and some good old common sense, you’re all but guaranteed to have a safe and fun online shopping experience this year.