The Friday Five

Online Shopping? Five Security Tips

By Don Tuliao

Even if your firm has a policy against it, thereโ€™s a chance that online shopping is happening in your office โ€”ย especially during theย height of the holidays. Why be concerned? For one, hackers are actively working to compromise any size environment. Two, if you or anyone in your officeย opens an email or clicks a link to an unsuitable website and the network gets infected, fixing the situation can be costly.

Things to Do to Safeguard Your Data

Here are five tips to help steer clear of cyberattacks. And don’t keep these to yourself. Encourage everyone in your firm to take an active role toย ensure network security.

1. Beware of spoofed or forged emails.ย Be extra cautious about emails from unfamiliar sources that make claims about an account or ask you to click on unfamiliar links to take action. Ask yourself, โ€œWhy is this company emailing me? Is this organization legit? Does this offer look credible?” Look for misspellings, capitalization mistakes, bad grammar, unprofessional punctuation (such as โ€œ!?!โ€) and distorted graphics or backgrounds, which areย most likely a cut-and-paste from a legit website.

Be prepared for a slew of fake emails with fantastic offers on merchandise this time of year. Like the old adage goes: โ€œIf itโ€™s too good to be true, it probably is.โ€ If you receive a suspicious email, hover your mouse above theย link you’re asked to click. Thisย will most likely show you the website URL itโ€™s coming from. If it doesnโ€™t look right, donโ€™t click on it. Delete the email and notify your IT administrator.

2. Search smart.ย When searching for information or merchandise, stick with the popular search engines such as Google, Bing, Yahoo and Ask. Google has started to include SSL/TLS as a factor in search rankings. This means, in theory, the more โ€œsafeโ€ sites will tend to appear first. Any of these web browser plug-ins will notify you if a particular website you visit is considered safe or not:

Also consider “sandboxing” your browser, PDF reader and applications to protect against rogue software, spyware and malware by using an isolation program.

3. Seek trust indicators when shopping online. Look for websites that are encrypted, meaning that their URL starts with https:// (where the “s” stands for secure). Also look for the lock symbol in front of the https://ย โ€” as well as site seals from known security companies, such as McAfee and VeriSign, among others.

4. Avoid sites with risk indicators. Legitimate websites have secure certificates. Some sites have self-signed certificates.ย Those are the ones hackers use since they donโ€™t bother purchasing a legitimate one. When visiting a site with a risk indicator, simply run away!ย If you feel unsure of a site and want verification, copy and paste the link into either of the following and it willย go through a verification process and show you the results:

5. Use good password hygiene. Change passwords every 90 days. Make your password easy to remember but hard to guess. Use more thanย eight characters and mix it up with these variations:

  1. UPPERย and lower case
  2. Numerals
  3. Punctuation marks

Donโ€™t reuse old passwords, and vary your passwords among sites. To check a password’s strength, go to this URL: https://howsecureismypassword.net.

Also, be careful with your answers when setting up your password-challenge questions. Do not use answers that are easily verifiable through social media or searchable public databases. For example, for the question “Which city you were born in?” do not use the actual city as your answer. Instead, use another city that is memorable to you.

Don Tuliao is a senior system engineer at Innovative Computing Systems. He can be reached at dtuliao@innovativecomp.com. More system security tips can be found at www.innovativecomp.com.

Categories: Daily Dispatch, Legal Cybersecurity, Legal Technology
Originally published December 19, 2014
Last updated September 8, 2020
share TWEET PIN IT share share
MUST READ Articles for Law Firms Click to expand
envelope

Welcome to Attorney at Work!

Sign up for our free newsletter.

x

All fields are required. By signing up, you are opting in to Attorney at Work's free practice tips newsletter and occasional emails with news and offers. By using this service, you indicate that you agree to our Terms and Conditions and have read and understand our Privacy Policy.