DANVILLE, MONTOUR COUNTY (WBRE/WYOU) – Many of us are ready to ramp up our holiday shopping with Black Friday and Cyber Monday lurking. But before you start surfing the web for deals, you need to be aware of some potential cyber security pitfalls. Eyewitness News Reporter Mark Hiller has some expert advice to help protect you online.
“It’s a wild, wild, wild west internet sometimes.” said Paul Roma. He should know. As Geisinger Health System’s Senior Cyber Security Analyst, Mr. Roma protects sensitive health-related data of more than one million people. “We’ve got personal information, you know, sensitive protected health information. You know any kind of information about patients.”
Taking a look at an active cyber threat map, Mr. Roma said “They’re showing you just global internet traffic that could be considered a cyber attack.”
Mr. Roma said hackers are especially active during the holiday shopping season by creating phishing emails or bogus website links targeting cyber shoppers. “Websites can be hijacked with malware and when you go to that site it can infect your computer and you don’t even know what happened.”
For safety starters, Mr. Roma said shop on sites with a website address that begins with HTTPS. That “S” stands for “secure” Another sign your safe? A padlock icon on the url. “What that means is the connection to that site is encrypted, right. The data that’s transferred to your computer from that website can’t be read or intercepted by anybody else,” he said.
Next, look for a website security certificate. It’s a sign you’re protected while shopping on that site. Don’t get duped into visiting an unknown website that offers a steal of a deal for an item often in short supply. “That’s a sure thing to be set up for scams especially this time of year.”
Protecting your sensitive data applies to more than just shopping on laptops or desktops. Many of us use our smartphone. Mr. Roma says antivirus protection like McAfee and Symantec is available for android devices. Even though iPhone users can’t get an app like that from those vendors, he stresses there are other options. “There are different browser plug-ins and different apps, security apps in general. that may force you to use HTTPS when you’re on a website.”
Mr. Roma also says you should change your password about every 90 days and think of using phrases instead of just a single word. There are also free password protection sites like KeePass and LastPass to store those complex passwords.