According to GetSafeOnline, one in four people using social networking sites have posted confidential or personal information such as phone number, address or email on their online profile. To avoid identity theft, never offer personal information to anyone over a social networking site, even if the request is from a friend or relative. Do not offer your birth date, birth town and home address on your user profile, and always make sure you apply the right privacy settings to protect yourself. Avoid posting photos of expensive belongings or dates when you are away from home over the holidays.
Heading to the ATM to get some cash for your holiday shopping, are you sure the machine you are using is legit? ATM skimming, a scheme that involves fitting a real looking device over the actual pin pad in order to steal credit card information, is on the rise. Terrie Ipson, an ATM security expert with Diebold points out that while your card information may be stolen today, you might not even know until well after the holiday season.
"A lot of skimming attacks are conducted by highly-organized groups," said Ipson. "The card [data] could be held for several months."
Ipson recommends using an ATM you are familiar with so you know what it should look like and check it to make sure that it is solid and sturdy.
"Put your hands on it and see if you can wiggle it," she said.
This is the time of year when many organizations or individuals may be disposing of sensitive documents such as receipts or financial statements. A year-end clean out could make your dumpster rife for the picking by criminals. (See security consultant Steve Hunt's video recap of a dumpster dive that yielded personal checks, laptops and more.)
"We tend to focus too much on the digital," said Cohn, who noted that another concern around the holidays is employees working remotely. "Companies need to ensure that materials being used when working at home are also disposed of properly. Employees must protect their company's intellectual property by safely disposing of materials that are proprietary to their companies."
Google is offering free Wi-Fi this holiday at 47 airports in the U.S. in a campaign to promote Google products. Good news for road warriors traveling for the holidays? Not if you don't keep security in mind, according to Cohn.
If you are using that new laptop on a wireless network at home or workplace, Unisys recommends making sure that wireless network is secure. The Wi-Fi network range will radiate beyond the confines of your building, leaving it vulnerable to "wardriving" (the act of searching for Wi-Fi wireless networks by a person in a moving vehicle, using a portable computer so they can use your unsecured network for free). Hackers could use an unprotected wireless network to anonymously download illegal material or perpetrate attacks that would appear as if they were coming from you.
A famous hacker technique in wireless scenarios is the "man in the middle" attack. A hacker can sit in a coffee shop or hotel lobby, with their own laptop showing itself to other patrons as a free Wi-Fi connection. While a patron uses this connection to surf the web or check email, the hacker's laptop can record all data passing back and forth, hoping to capture passwords or other valuable information.