The holidays have arrived! These final weeks of the year are extremely busy for many of us. People are traveling, shopping, awaiting packages, making end-of-year-donations, and trying to put a pin in 2021.
Cybercriminals know and await these frenzied times. They especially like seasons of heightened online shopping and financial transactions because impersonating a bank, credit card company, or shipping carrier is a great way to evoke a sense of panic in their victims.
Have you been booking travel, shopping online, or anxiously awaiting the arrival of packages containing the perfect gift? Is your inbox cluttered with receipts and order updates? As you move through your inbox and other correspondences, try not to work too quickly. Scammers are counting on your haste as a way to your personal information and login credentials.
Cybercriminals aren’t just after your identity and bank account numbers. They also want to use your login credentials to hold our institutional systems and data ransom. In either case, they usually target individuals as a point of entry.
Whether you’re staying home or traveling for the holidays, please protect yourself and the WashU community. Remember the following tips to stay safe:
- Don’t charge your devices at public USB stations. Cybercriminals modify these stations to download your data or install malware on your device. Instead, charge and back up your devices before you leave and bring a portable charger with you.
- Don’t connect to public Wi-Fi networks and disable auto-connect on your devices.
- Credit cards offer more consumer protections than debit cards, so use them to pay for things whenever possible. If you need to use an ATM, choose a machine inside a bank branch where cybercriminals are less likely to have tampered with it.
- Check your financial accounts and rewards accounts regularly to identify any suspicious activity.
- Avoid verbally sharing details about your travel in public places or posting details in publicly visible areas (e.g., social media accounts). Wait to post travel photos until you’re back home.
- Shred your tickets, boarding passes, luggage tags, and other travel-related personal information after you’re finished using them.
Device and Data Security
- Treat your devices as if they are valuable. Never leave them unattended.
- If you’re taking work with you while you travel, consider using a loaner laptop . Read our device guidance articles here: Securing Devices Guidance and Device Security for the Entire Family.
- Backup your data and update your devices before you leave.
- Turn on “ Find My ” or other device-locating features before you leave. Read advice from our CISO here: [There’s No Better Feeling than Recovering Your Lost Device!](https://informationsecurity.wustl.edu/keeping-information-security-simple-theres-no-better-feeling-than-recovering-your-lost-device/
- Make sure your devices are encrypted. Read our article, Better Protection with Encryption for more information.
- Do not interact with suspicious emails, voicemails, or text messages or click on any links they contain. When in doubt, use known contact information to verify the offer or request.
- Be very skeptical of urgent requests. Urgency is a social engineering tactic cybercriminals use to manipulate victims. See our article for additional tips: Protect Yourself from Social Engineering
- Watch out for grammar, punctuation and spelling mistakes. These are phishing red flags. Read Phishing 101 for more advice.
- Never provide personal information or login credentials upon request. Ignore these requests or reach out to the purported requestor using known and publicly available communication channels to verify the authenticity of the request.
Shopping and Other Scams
- Office of Information Security – Holiday Shopping
- Better Business Bureau Holiday Tips Page
- Ozark Radio News
- National Cybersecurity Alliance Tips for Online Shopping
- Social Security Administration What to Do
- Office of the Inspector General Scam Awareness
Helpful Tips for Travelers
- Office of Information Security – Travel Page
- Office of Information Security – Thanksgiving Travel Article
- Office of Information Security – Summer Travel Article
- FCC Cybersecurity Tips for International Travelers
- CISA Cybersecurity While Traveling Tip Card