Ladies and gentlemen start your browsers it's the holiday shopping season. But wait, you are being safe in your shopping habits, arent you?
Im willing to bet that many of you are spending at least a bit of your time and money shopping on the Web this season. Sure beats the endless mall mobs, if you ask me! Im quite content doing the lions share of my shopping online. But online safety is always a primary concern, especially with all the URL-laden email advertisements and such we all receive. Its all too easy to click on a link that takes our browsers to botnet land.
Sure, weve all heard about the perils of clicking on emails, but that latest email from an unknown retailer sure caught our attention, right? A big screen HDTV for how much?!
So, lets explore some things you can do to make your holiday shopping a bit saferand less likely to result in a credit card bill next month with thousands (or more) of dollars of charges you didnt make. In fact, there are a few simple steps you can take today that will go a long way to allowing you to be safe and confident in your online holiday shopping.
Disable or Restrict Active Content
Arguably the Webs biggest vulnerability, active content (e.g., Javascript, Flash, ActiveX, Java) running in browsers is a launch vector for much of todays malware. Most browsers do little to prevent active content from running by defaultsure, they all have a Allow Javascript button and such, but thats hardly a usable control. If we turn off all Javascript (and other active content), almost all of todays Web sites will not function for us, so thats hardly a solution to our safe shopping issues.
If youre using Firefox or Internet Explorer, youre in luck. We can quickly and easily restrict which sites may run active content and disallow all others in both of these browsers. (No doubt some other browser can do this as well.)
For Firefox, just install NoScript (from http://noscript.net). Its a free plug-in that disallows all active content from all sites by default. You then allow trustworthy sites one at a time as you care toand this only need be done once per site, because NoScript will remember your settings. Quite simply, its one of the best free security enhancements Ive ever seen. Great stuff.
For IE users, you need to tweak your security zones a bitjust click toolsInternet OptionsSecurity. Disable all of the ActiveX, JavaScript, etc., settings in your Internet zone. Now, add trustworthy sites one at a time to your Trusted sites zone. Itll take a little trial-and-error, but its not too hard to figure out, and you can always restore the defaults by clicking on the Default Level button.
In both IE and Firefox cases, trustworthy sites should consist of sites you want to do business with. With NoScript, you can even temporarily enable JavaScript on sites you want to try out, but arent yet convinced you want to do business with.
Centralize Your Payments
Chances are pretty good youll be entering your credit card data on several sites this holiday season. Each time you do that, theres an exposure to fraudulent activity.
First off, be sure you want to do business with the site youre connected to. Use consumer rating sites like BizRate to see what other customers say about the sites, especially if youve never done business with them before.
Then, consider using a payment centralizing service like PayPal to reduce how many sites see your credit card information. Its a couple extra steps when you pay for an item, but if nothing else, it means youll have fewer places to keep organized when and if you change credit card account numbers later on.
Use a Local Password Vault
In addition to storing credit cards on a slew of sites, youll probably be asked to register on many of the sites where youll do business this holiday season. If youre like many people, youll use a single usernameperhaps your home email addressand a single password that you can easily remember, and youll use these on all the sites you frequent.
You probably even know that this isnt a great idea, but you do it anyway because it makes things easier and less complicated. Does that sound familiar?
Well, theres a better way. Consider installing and using a local password vault system. There are hundreds of these available for free or for cheap on Windows, Mac OS X, and Linux. Pick one that has gotten great consumer reviews.
I find 1Password works great for my OS X needs. What these products have in common is they store all your passwords safely in one place on your computer. That single password store is then itself password protectedremember this password, it may be the last password youll never need! Most of the products can also generate long and random passwords. So, when you sign up for a new account at your favorite on-line merchant, use your password vault to generate (say) a 40-character random password and then remember it in your password store.
Now, whenever you visit that site, your password vault will remember the password and will fill it in on the sites login page. This way, you can have different and very secure passwords on every site you use, without having to remember them all. Just remember that one password. (I cant emphasize this enough.)
Do these simple thingstodayand Im confident your online shopping environment will be substantially safer, as well as more organized. You can find free or cheap solutions to all three of the above. Youll only regret not doing these things.
Adapted from Esecurityplanet.com.
Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today! |
This article was originally published on December 12, 2008