Over the past two weeks, Google detected 18 million Gmail malware and phishing messages daily, and more than 240 million spam messages, both related to COVID-19. It is the gateway to obtain confidential information, and carry out attacks of all kinds that can lead to theft of personal and financial data.
Although Google’s machine learning models block a large part of these malicious acts before it reaches users, according to the company, it is necessary to take precautions when browsing the web and using applications on mobile phones.
In times where everything is done remotely, it is essential to be informed to take precautions. Because criminals can easily get around digital obstacles and reach the user using social engineering techniques and when that happens, the main security solution depends on the human being and his ability to be alert.
In this article, we are going to focus on some precautions to take into account when making purchases and payments online to minimize the risks of being victims of cyberattacks. It is essential to take precautions to avoid being victims of deception.
1. Avoid public wifi networks
As a first measure, you should avoid connecting to a public wifi network, since in these cases, it may be easier to carry out “man in the middle” attacks, which involve intercepting the confidential information of users when visiting different sites.
2. Configure the wifi router safely
It is essential to configure the wifi router in your home in a safe way, to minimize the chances of hacking. What does this mean? Change the default password, disable remote device management, as well as update firmware.
3. Use a VPN
Use a VPN (virtual private network) to encrypt the exchange of information through devices connected to the Internet. In this way, even if the router was compromised, the data will be encrypted.
4. Verify the domain of the site where you enter
When entering a platform to make the purchase or the payment you want to make, it is important to verify the security of that page. For that, look carefully at the domain name that is seen in the URL. In this sense, it is always advisable to enter the name of the page to be visited in the search engine and not access it through a link even when it has been received by some email that, at first glance, does not seem suspicious.
It also verifies that the site has the HTTPS certificate, which is usually indicated by a padlock next to the URL. This is an internet communication protocol that protects the confidentiality of user data between their devices and the website they connect to. It should be noted, however, that this alone is not enough to verify that you are entering a reliable site. There are fraudulent sites that also use the padlock, since that certificate can be easily obtained. The padlock, in short, indicates that the information is encrypted while traveling on the Internet, but does not indicate that the site is reliable. If fraudulent information is entered even when it has HTTPS encryption, cybercriminals will access it.
So? Enter the name or URL address of the site you want to visit (avoid accessing the pages through links that are received by mail, WhatsApp, or some other messaging service), carefully verify the domain name and also verify, which has the corresponding encryption.
Chrome, meanwhile, has a Safe Browsing feature that alerts you if the sites you’re trying to visit are suspected of phishing, unwanted software, or malware. This tool is activated by default.
5. Avoid downloading attachments
Just as you have to be careful when clicking on links that can redirect to fraudulent sites, it is important to avoid downloading attachments, especially if they come from unknown users, because they could contain malware.
6. Two factor of authentication
It is important that you have the two authentication factors (also known as 2FA) enabled on the payment platforms that are used, either from the mobile or the computer.
7. Updated software
You have to keep the software of the devices you use updated because that way you receive security patches.