If you’re doing your holiday shopping online, a federal cybersecurity official is urging you to take precautions.
Ian Moore, the Washington cybersecurity coordinator for the federal Cybersecurity and Infrastructure Security Agency, says there are basic steps you should take to protect your personal information from cyber thieves.
“Having strong passwords, complex passwords, meaning you use a lot of different types of characters, but also having a longer string, so over 12 characters, we recommend," he said.
He says people may take that advice for obvious devices such as phones and computers. But he says they should also consider rejiggering their passwords for other, less obvious, electronics.
“Everything from your refrigerator to your coffee pot to your thermostat to your children’s toys that you can program lights and noises and interactions with. They all have some sort of access control, some way for it to communicate either with the internet or with your computer or your device," he said.
Moore says those electronic devices all come with a factory-assigned password.
“They expect you, and the instructions normally tell you, to change that default password. But if you don’t, that means that anybody who’s a hacker can actually take advantage of that and work their way to get into that device," he said.
He says, if hackers do get control of your device, they could turn your electronics into devices that can spread malware and other malicious software to other devices that are connected.
Finally, Moore urges people to use credit cards, instead of debit cards, when they’re buying holiday gifts online.
In cases of cyberfraud, he says, consumers have a level of protection with credit cards that they don’t have when they draw from their own accounts.
“You don’t own that money. If they gain access to it, the bank is basically going to refund your money because it’s not really your money. It’s just a loan," he said. "Whereas a debit card, if they gain access to that account, it’s actually a link into your money on your account. There’s no lender lending that money to you that will pay it off it gets hacked.”
Moore urges people to keep the software on their electronic devices current and use multi-factor authentication on those devices to make it harder for hackers to access your sensitive information.