Skip to content

Trending tags

Cyber and shopping: Caveat emptor

Michael Sandelson

23.08.19 3 min. read

“You are what you eat” applies to life as it does to your chances of being hacked. Do you know who’s consuming your private data online, or offline?

Online or physical shopping are neither off the grid nor snooping-free. Tech giants such as Google and Facebook know which e-commerce websites you’ve visited, what you’ve bought, and how much you spent. Your bank and credit card providers know it too.

Cyber criminals can (and do) hack social media. This has given them access to personal information, login details including passwords, and credit card details. Scammers can also send you a phishing email or serve phony ads with malicious links that lead to malware-infected sites.

Not being yourself

Our recent survey found that 28% have dealt with identity theft, email hacking, or the loss or theft of their login credentials.

So you want to get out of the house and go to a shop to buy something. Great. While the benefits might not be financial, they can be psychological – social interaction, the look and feel of a new item, social status, (some) walking are to name just some.

Privacy, cyber security, and healthy general OPSEC (Operational Security) and are part of shopping too. Here are some tips to avoid being hacked in real life:

  1. Is someone looking over your shoulder as you enter your PIN into the payment terminal, signing sales contracts, giving the sales assistant your personal information such as your Social Security Number (known as shoulder surfing)?
  2. Have you checked the ATM to check for a skimmer in the card slot (cover your PIN-entering hand with the other one)
  3. Are your cards stored safely in something that prevents remote skimming (known as RFID skimming)?
  4. Use a credit rather than a debit card when paying for items. Disputing transactions is easier and it won’t affect your bank account’s liquidity.

Dramatic plastic?

French foodie, lawyer, and politician Jean Anthelme Brillat-Savarin (1755-1826) is credited with utteringDis-moi ce que tu manges, je te dirai ce que tu es”, which has made its way into everyday English-language parlance translated and altered to “you are what you eat”.

So what does this have to do with privacy and hacking? Well, surrendering your card for the waiter to swipe through a payment terminal out of your sight when paying can lead to skimming and other fraud – they have all of the credit card details and are then able to make purchases using the ‘card not present’ fraud method.

There’s a risk every time your credit card is out of your hand. To mitigate this, always make sure you keep tabs on your credit card tab to contest charges that you don’t recognize (after a round of thought), and cancel it if it is being misused. The best move, where possible, is to use a trusted contactless payment app.

If the thought (rather than the meal, hopefully) of this is indigestible, there is other data that fraudsters can use to identify you (if they are determined and want to swindle you via social engineering). Perhaps someone takes a picture of you with their mobile…

Also, as you eat the fish dish you ordered, remember this: phishing is easier when your guard is lowered, checking your emails during a particularly delicious meal. Also, use a VPN to protect your Wi-Fi privacy, surf safely, and don’t let a scam attempt leave you with a nasty taste in your mouth.

Bon appétit.

Michael Sandelson

23.08.19 3 min. read


Related posts

Newsletter modal

Thank you for your interest towards F-Secure newsletter. You will shortly get an email to confirm the subscription.

Gated Content modal

Congratulations – You can now access the content by clicking the button below.