"It's also the season for cyber criminals, so shoppers need to be extra cautious and alert," says Richard Baich, a principal in Deloitte & Touche LLP's Security & Privacy practice with responsibility for Deloitte's new Cyber Threat & Vulnerability Management Solutions offering.
Baich adds: "Cyber criminals can range from independent entrepreneurs to loosely affiliated and opportunistic hackers, to well-orchestrated organized crime groups. They're capable of striking any individual or organization, from anywhere in the world, at any time of day. This is why we're calling for cyber vigilance this holiday shopping season."
Deloitte offers the following action steps consumers can take to significantly increase their security profile and be cyber vigilant:
1. Simple but most critical: Be vigilant in who you are giving your credit card and personal information to. Be extremely suspicious of emails requesting personal or financial information. 2. Pay extra attention and carefully review credit card and banking statements; consider setting transaction thresholds for certain dollar amounts to help you keep track of account activity. 3. Consider changing Personal Identification Numbers and passwords for your online accounts if you haven't done so in a while. 4. For online shopping and banking, ensure all security patches are up to date on your home personal computer, your antivirus program is current, and you have a firewall running. Be extra careful about buying from obscure web sites with "unbelievable deals." 5. Avoid using public Internet cafes or kiosks for online banking and shopping and avoid inserting "free or giveaway" memory devices (e.g., USB drives) into your home system unless you know exactly where they came from. 6. If an dialogue box suddenly appears on your screen while surfing the Internet telling you that your computer is infected, and it wasn't generated by your antivirus client, don't fall for it because it will most likely be a rogue antivirus exploit. 7. Consider signing up for a credit monitoring service that can alert you when someone or something is accessing your credit information. 8. Last, be wary of what you post to social networking sites. These and other sites are increasingly being targeted by cybercriminals who are drawn to the wealth of personal information supplied by users.
As used in this document, "Deloitte" means Deloitte & Touche LLP and Deloitte Services LP, separate subsidiaries of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.