The month between Black Friday and Christmas is, by far, the busiest shopping month of the year. Shoppers flood brick-and-mortar stores as well as online marketplaces to shop for holiday presents and take advantage of great deals. Generally speaking, this jump in commerce boosts the economy and creates happy shoppers and happy retailers–but it comes with dangers. Being part of a credit card scam is a huge risk around the holidays, as increased shopping traffic–both in-person and online–creates unprecedented opportunities for hackers. So, how can shoppers and retailers stay protected from a credit card scam?
As a shopper, be wary of where you use your credit card, especially when shopping online. Most major online stores are well-protected and designed to keep your credit card information secure. These sites are usually marked by a “lock” icon in the search bar, as well as an “https” in the URL, which indicates a secured site. Many retail sites will also indicate that credit card data is being encrypted, which helps prevent it from being accessed by hackers. NEVER enter credit card data on a site that has only “http” in the URL, rather than “https”–those sites are not secure and put your data at serious risk.
The same basic idea applies to physical stores. Hackers have tricky ways of infiltrating POS systems and can place tiny devices on card readers that export data pulled from the magnetic strip. Bigger retailers are more likely to have processes in place to monitor data transfer and ensure that your card information stays safe, while smaller retailers may not have the same safeguards. Be careful where you swipe, and remember that machines with chip readers are generally more secure.
When in doubt, don’t risk credit card fraud. If you’re not entirely sure that the site you’re visiting is safe, go somewhere else. The same goes for shopping in person. If something seems off or the store doesn’t seem to be using an up-to-date system, use cash or shop elsewhere. As consumers, it’s our right–and responsibility–to demand certain standards for credit card processing. If retailers aren’t following those standards, it’s in everyone’s best interest to avoid those stores and take our business somewhere else.
The flip side of the Credit card fraud and safety is, of course, safe retailing. If your business handles credit cards in any capacity, you must be up-to-date on current standards and update your devices as necessary. If haven’t implemented Payment Card Industry Data Security Standard (PCI DSS) training, that’s a great place to start.
PCI DSS training instructs employees in proper practices for handling credit cards, including encryption, tracking access to card data, and developing secure applications. Many companies are required to be PCI DSS compliant and may need to provide proof of training, but either way, implementing PCI DSS standards is crucial to maintaining a good relationship between your company and the individuals that trust you with their cards. They’ll be assured that they can safely do business with you, and you’ll be confident that no data will be compromised during card transactions. During the busy holiday season it’s crucial that everyone involved with credit card transactions understands what’s at stake and how to protect card data.
In many ways, credit cards make shopping nearly effortless both online and in person, but using them carelessly can leave the door wide open for a financial nightmare or a major data breach. Raising awareness that the PCI DSS standards exist, and that consumers can and should insist that the businesses they shop with adhere to them, will gradually discourage poor security and make Credit card fraud and hacks more difficult to pull off. Talk about happy holiday shopping.
What Can You Do?
GLS knows that your employees’ cybersecurity awareness should not stop when they leave the office at the end of a workday. The principles they learn as part of their training at work should be extended to protecting personal data so that good habits are practiced 24×7 to reinforce positive behaviors and prevent phishing attempts.
As part of our Human Firewall 2.0 program, Global Learning Systems offers courses for prevention of online phishing scams in: