As the big 11.11 sales events are happening, Sophos shares the following safety reminders for online shoppers:
Write down contact details for your financial providers. Create a written copy of the emergency contact numbers and email addresses for organisations such as your bank, card issuer or insurance company. This way, you will have access to them even if you lose your payment card or your phone gets stolen. Make sure you never need to rely on contact details that arrived in a message from someone else – after all, if the message was fake, the number or email address will be fake too and will lead you straight back to the crooks.
Learn about account lock features offered by your bank or card issuer. These days, many banking apps have a “quick lock” option that allows you to freeze and unfreeze access to your account or payment card in seconds. In an emergency, such as if you think you put your card number into a fake site or you misplace your card, you can block access to it right away, even before you call up to ask the bank for advice.
Learn how to clean up your browser’s autofill storage. Modern browsers try to help you by automatically remembering and storing details such as passwords, credit card numbers and even addresses. In many browsers, these autofill features are turned on by default, which may not be what you want. Learn how to review how much personal data your browser has kept up its sleeve in case you need it again. You may find that you want to delete some of it so that it’s no longer in what’s often called “near on-line” storage.
Consider using a prepaid debit card for one-off purchases. If you’re determined to purchase from a retailer you don’t know much about, a low-value prepaid debit card can help you limit your risk.
Turn on 2FA wherever you can. Two-factor authentication (2FA), usually refers to those one-time login codes that you need to type in together with your username and password when logging in. This can be annoying at times, and it means that you can’t login on your laptop if you don’t also have your phone handy, because most services rely either on a one-time text message to your phone, or a special mobile app, for supplying the needed codes. However, it makes it harder for the crooks to mess with your accounts, even if they figure out your password.