Many of us are shopping for holiday gifts at this time of year and we all want to find good deals where we can. Be cautious when shopping either online or at the malls:
At the malls
Keep your payment cards (credit card, debit card, etc.) in secure closed pocket or bag and I recommend you use either an RFID blocking wallet or you buy RFID blocking paper sleeves for your payment cards (you can buy either of these on Amazon). Payment cards today include a security chip that you can use to “tap” to pay for your purchase and this is accomplished using Near Field Communication (NFC). If a card reader at a cash register can read your payment card just by being near your card, then someone standing behind or beside you in line can also read your card using a pocket sized device or some additions to their smartphone.
Always order only from web sites that are secure – look for the lock symbol next to the web site name in your browser window. I also never save my payment details on any web site that I am ordering from and I always save a copy of my paid invoice. Also beware of deals that sound too good to be true or that are remarkably cheaper than you expected: hidden shipping and handling fees, cheap knock off products, or plain fraudulent online retailers could be the reason the deal is so good.
Safe shopping this holiday season!
ANTHONY ENGLISH Vice President, Mariner Security Solutions
PCIP, C|CISO, MCSE, CISSP, CISA, CISM, CGEIT, CRISC, CBCP, CIPP/C, ISO 27001 Master, CTT+, A+, HiTrust Certified CSF Practitioner, ISO27033 Lead Cybersecurity Manager
Anthony is one of the top cybersecurity professionals in Atlantic Canada with extensive Canadian and International experience in cybersecurity covering risk assessment, management, mitigation, security testing, business continuity, information security management systems, architecture security reviews, project security, security awareness, lectures, presentations and standards based compliance. He sits on the Standards Council of Canada (SCC) IT Security Techniques committee (MC/ ISO/IEC/JTC 1/SC 27), the Disaster Recovery Institute Canada (DRIC) Certification Committee, Cloud Security Alliance committee on the security of health care data in the cloud and is an Exam Development Volunteer for ISC2. Anthony has worked in utilities, law enforcement, consulting, education, health care, lottery and gaming, auditing and the financial sector.