[SC-CSTD] FW: [tech-vi Announce List] From MalwareBytes: 7 tips for safe online shopping this Black Friday and Cyber Monday

Frank Loza floza58 at bellsouth.net
Thu Nov 24 01:17:03 UTC 2022


 

 

From: tech-vi at groups.io <tech-vi at groups.io> On Behalf Of David Goldfield
Sent: Wednesday, November 23, 2022 1:48 AM
To: Tech-VI Announcement List <tech-vi at groups.io>
Subject: [tech-vi Announce List] From MalwareBytes: 7 tips for safe online
shopping this Black Friday and Cyber Monday

 

>From the Tech-VI list owner: 

As this article is from MalwareBytes it should not come as a surprise that
they end the piece by promoting their software as a way to help protect your
PC. However, the tips contained in this article are valid regardless of what
security solution you use. I was a user of several MalwareBytes packages but
haven't used them since January of this year and so I can't speak for their
accessibility.

 

Original Source
<https://www.malwarebytes.com/blog/news/2022/11/7-tips-for-safe-online-shopp
ing-this-black-friday-and-cyber-monday> 

 



 <https://www.malwarebytes.com/blog/category/news> NEWS


7 tips for safe online shopping this Black Friday and Cyber Monday


Posted: November 15, 2022 by
<https://www.malwarebytes.com/blog/authors/metallicamvp> Pieter Arntz

Buyers ahoy, there's a shopping season ahead and several more on the
horizon. Everyone's getting ready for the festivities, but unfortunately
that includes scammers, phishers, identity thieves, and other assorted
internet criminals.

Much of the Black Friday and Cyber Monday shopping will likely be done
online, and many of the sales stretch over weeks, so let's look at some tips
to stay safe.


1. If it seems too good to be true then it probably is


Sometimes our excitement at finding something extraordinarily cheap, blinds
us from the truth. If it's too good to be true, it probably isn't true. For
example, we found this website promoted on social media that claims to sell
unclaimed Amazon parcels for unbelievable prices.



Too good to be true

So why shouldn't we believe them? Despite the fact that the online store
shows social media icons, the icons do not take you to this store's social
media pages. The post I followed on Facebook was a sponsored one from a
different account. On the website you will find neither a valid email
address nor a phone number. All put together, customers have absolutely no
means to reach out to this store with questions or complaints. These are all
red flags and it is prudent to look at them, especially when the offer is
too good to be true.


2. Block and block again


To make your online shopping more pleasant use an ad-blocker, and for the
best experience combine it with a popup-blocker. Some advertisers can make
it very hard to differentiate between the offers you were looking for and
the ones they want you to look at. Blocking them decreases the risk of
buying a pig in a poke.


3. Beware of phishing


A lot of phishers will use times like these to go about their malicious
business. Should you receive a link in an email, don't simply click on
it-make sure the mail has actually come from the alleged sender, even if you
know the "sender" and have done business with them before. If anything feels
weird to you, don't enter in your details and check with the shop directly.


4. Careful when following links


Whether it's a link in an email or on social media, always treat links with
a healthy amount of suspicion. It's better to go to the website of the shop
directly. Even though that still offers the possibility of being tricked by
typo-squatters or hijacked Google results, those chances are a lot smaller
than that of a malicious link. Also, make sure the link includes https at
the beginning of the URL, so you know your data is encrypted whilst browsing
or purchasing, although that does not automatically mean
<https://www.malwarebytes.com/blog/news/2020/11/demystifying-two-common-misc
onceptions-with-e-commerce-security> the site is safe or legitimate.


5. Protect yourself from fraud


Where possible, use a payment method that offers you fraud protection. US
federal law limits your liability for fraudulent purchases on a credit card
to just $50. But some credit card companies go the extra mile and won't hold
you liable for any unauthorized purchases at all. The law also protects you
if your credit card number is stolen as long as you still have your physical
card. When in doubt, you can request transaction alerts-such as a text or
push notification-every time the card is used, so you can be sure every
purchase is one made by you.

Many credit cards also offer purchase protection, which allows consumers to
file a claim with their issuer to receive replacement, repair or
reimbursement for any eligible stolen or damaged items.


6. Don't give out too much intel


During online shopping, don't provide your personal information if you don't
need to. Shopping somewhere that you don't see yourself frequenting
regularly? Why provide them with details they don't need. A shipping address
to send the items to and an email address to keep you updated about the
progress is about all a shop really needs. It's not about not trusting the
shop. Data breaches happen every day and what you haven't provided, they
can't leak.

If you have to create an account, make sure you use a unique username and
<https://www.malwarebytes.com/blog/news/2022/10/why-almost-everything-we-tol
d-you-about-passwords-was-wrong> password combination. That way, if the site
does get breached, your passwords for all your other accounts will remain
safe.


7. Protect your device


Buying gifts online shouldn't be so much of a hassle. So, make your shopping
experience just that little bit easier by making sure your device is
protected.

 <https://www.malwarebytes.com/browserguard> Malwarebytes Browser Guard can
block third-party ads and other unwanted content, including web pages that
contain malware, and in-browser cryptojackers (unwanted cryptocurrency
miners).

And an updated  <https://www.malwarebytes.com/> anti-malware solution on the
device you use for your shopping can block malware from spying on your
payments or performing other malicious activities.

  _____  

We don't just report on threats-we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off
your devices by  <https://www.malwarebytes.com/for-home> downloading
Malwarebytes today.

  _____  

COMMENTS

  _____  

RELATED ARTICLES

 
<https://www.malwarebytes.com/blog/news/2022/11/meta-contractors-ousted-afte
r-internal-probe-catches-them-abusing-oops-tool> 

 <https://www.malwarebytes.com/blog/category/news> NEWS


 
<https://www.malwarebytes.com/blog/news/2022/11/meta-contractors-ousted-afte
r-internal-probe-catches-them-abusing-oops-tool> Meta contractors ousted
after internal probe catches them abusing Oops tool


November 21, 2022 - Security guards working at Meta reportedly compromised
user data via a tool called Oops, selling or trading the data to bad actors.

 
<https://www.malwarebytes.com/blog/news/2022/11/meta-contractors-ousted-afte
r-internal-probe-catches-them-abusing-oops-tool> CONTINUE READING
<https://www.malwarebytes.com/blog/news/2022/11/meta-contractors-ousted-afte
r-internal-probe-catches-them-abusing-oops-tool#disqus_thread> 0 Comments

 
<https://www.malwarebytes.com/blog/news/2022/11/iranian-apt-compromises-fede
ral-civilian-executive-branch-organization-for-cryptominer> 

 <https://www.malwarebytes.com/blog/category/exploits-and-vulnerabilities>
EXPLOITS AND VULNERABILITIES |
<https://www.malwarebytes.com/blog/category/news> NEWS


 
<https://www.malwarebytes.com/blog/news/2022/11/iranian-apt-compromises-fede
ral-civilian-executive-branch-organization-for-cryptominer> APT broke into a
federal agency using Log4Shell


November 18, 2022 - According to CISA, the suspected Iranian APT used the
infamous Log4Shell vulnerability to...install a cryptominer.

 
<https://www.malwarebytes.com/blog/news/2022/11/iranian-apt-compromises-fede
ral-civilian-executive-branch-organization-for-cryptominer> CONTINUE READING
<https://www.malwarebytes.com/blog/news/2022/11/iranian-apt-compromises-fede
ral-civilian-executive-branch-organization-for-cryptominer#disqus_thread> 0
Comments

 
<https://www.malwarebytes.com/blog/news/2022/11/repair-firms-might-be-riflin
g-through-your-personal-data> 

 <https://www.malwarebytes.com/blog/category/news> NEWS


 
<https://www.malwarebytes.com/blog/news/2022/11/repair-firms-might-be-riflin
g-through-your-personal-data> Repair firms might be rifling through your
personal data


November 17, 2022 - We take a look at research which indicates that device
repair firms are not playing fair when it comes to keeping your privacy
intact.

 
<https://www.malwarebytes.com/blog/news/2022/11/repair-firms-might-be-riflin
g-through-your-personal-data> CONTINUE READING
<https://www.malwarebytes.com/blog/news/2022/11/repair-firms-might-be-riflin
g-through-your-personal-data#disqus_thread> 2 Comments

 
<https://www.malwarebytes.com/blog/news/2022/11/how-stolen-streaming-logins-
result-in-torrents-of-legal-action> 

 <https://www.malwarebytes.com/blog/category/news> NEWS


 
<https://www.malwarebytes.com/blog/news/2022/11/how-stolen-streaming-logins-
result-in-torrents-of-legal-action> How stolen streaming logins result in
torrents of legal action


November 16, 2022 - We take a look at what one individual got up to with
stolen streaming logins. It may not be quite what you were expecting.

 
<https://www.malwarebytes.com/blog/news/2022/11/how-stolen-streaming-logins-
result-in-torrents-of-legal-action> CONTINUE READING
<https://www.malwarebytes.com/blog/news/2022/11/how-stolen-streaming-logins-
result-in-torrents-of-legal-action#disqus_thread> 0 Comments

 
<https://www.malwarebytes.com/blog/news/2022/11/a-week-in-security-november-
7-13> 

 <https://www.malwarebytes.com/blog/category/news> NEWS


 
<https://www.malwarebytes.com/blog/news/2022/11/a-week-in-security-november-
7-13> A week in security (November 7 - 13)


November 13, 2022 - The most important and interesting computer security
stories from the week of November 7, 2022.

 
<https://www.malwarebytes.com/blog/news/2022/11/a-week-in-security-november-
7-13> CONTINUE READING
<https://www.malwarebytes.com/blog/news/2022/11/a-week-in-security-november-
7-13#disqus_thread> 0 Comments

ABOUT THE AUTHOR



Pieter Arntz <https://www.malwarebytes.com/blog/authors/metallicamvp> 
Malware Intelligence Researcher

Was a Microsoft MVP in consumer security for 12 years running. Can speak
four languages. Smells of rich mahogany and leather-bound books.

 

 

David Goldfield,

Blindness Assistive Technology Specialist

 <https://www.freedomscientific.com/Training/Certification> 

NVDA Certified Expert <https://certification.nvaccess.org/> 

 

Subscribe to the Tech-VI announcement list to receive news, events and
information regarding the blindness assistive technology field.

Email: tech-vi+subscribe at groups.io <mailto:tech-vi+subscribe at groups.io> 

www.DavidGoldfield.org <http://www.DavidGoldfield.org> 

 

_._,_._,_

  _____  

Groups.io Links:

You receive all messages sent to this group. 

View/Reply Online (#3020) <https://groups.io/g/tech-vi/message/3020>  |
Reply To Group
<mailto:tech-vi at groups.io?subject=Re:%20%5Btech-vi%20Announce%20List%5D%20Fr
om%20MalwareBytes%3A%207%20tips%20for%20safe%20online%20shopping%20this%20Bl
ack%20Friday%20and%20Cyber%20Monday>  | Reply To Sender
<mailto:david.goldfield at outlook.com?subject=Private:%20Re:%20%5Btech-vi%20An
nounce%20List%5D%20From%20MalwareBytes%3A%207%20tips%20for%20safe%20online%2
0shopping%20this%20Black%20Friday%20and%20Cyber%20Monday>  | Mute This Topic
<https://groups.io/mt/95213374/318502>  | New Topic
<https://groups.io/g/tech-vi/post> 
Your Subscription <https://groups.io/g/tech-vi/editsub/318502>  | Contact
Group Owner <mailto:tech-vi+owner at groups.io>  | Unsubscribe
<https://groups.io/g/tech-vi/leave/11013341/318502/1820159643/xyzzy>
[floza58 at bellsouth.net]

_._,_._,_

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nfbnet.org/pipermail/sc-cstd_nfbnet.org/attachments/20221123/78fe7f91/attachment-0001.html>


More information about the SC-CSTD mailing list