Tech Services Shares Tips to Stay Cyber Safe During the Holidays

‘Tis the season to take extra precautions to keep your personal information safe while enjoying the holidays. From turning on two-factor authentication on new phones to shielding yourself from “grinch bots” and gift card draining, Tech Services at the AIU shares tips to keep the holidays cyber safe.

Santa Bringing a New Phone?

Before you switch devices, there’s an important step you should take — enabling your 2FA app (Google Authenticator, Authy, Microsoft Authenticator) on a secondary device. This will keep your accounts safe and accessible.

Here’s how to set up 2FA on a secondary device:

1. Download the 2FA app on your secondary device: This can be another smartphone, a tablet, or any device capable of running the app. Make sure it’s a device that you use regularly and keep secure.
2. Transfer or add your accounts: Most 2FA apps offer a way to transfer your accounts from one device to another. You can usually find this option in the app’s settings. Follow the instructions to move your accounts safely. Alternatively, if you’re setting up the app as new on the secondary device, you might need to manually add each account again. This typically involves scanning a QR code provided by the service you’re securing.
3. Verify setup: Before you switch phones, make sure that the codes on your secondary device are working correctly. Try logging into a few accounts with the new setup to confirm everything is functioning as it should.
4. Keep your old device until the switch is complete: It’s a good idea to keep your old phone until you’ve fully transitioned and confirmed that all your accounts are accessible via your new device.

Remember, taking these steps not only keeps you from getting stuck without access to your important accounts, but it also protects your personal information from theft or unauthorized access.

Avoid the Grinch Bots

On Black Friday last year, 35.7% of all “shoppers” were actually bots and fake users, aka “Grinch Bots.” These are automated programs that quickly buy up popular toys, sneakers, or other items, and then resell the item for a huge mark-up to real people. Buying supposedly new items on a resale market opens you up to an increased risk of fraud and counterfeit goods.

The best way to melt away the Grinch Bots is to refuse to buy from them, and to only buy items from vendors you can verify. 

Beware of Gift Card Draining

Gift cards are a popular way to gift friends and loved ones, but they’re also a target for increasingly sophisticated fraud schemes. Over the past year, Homeland Security Investigations has coordinated Project Red Hook to tackle this issue head-on.

Gift card draining isn’t just a scam where someone asks for gift card codes over the phone. It’s a large-scale, organized operation with multiple steps:

1. Recruitment: Individuals, often those in financial need, are recruited via platforms like WeChat. They’re offered small payments to collect large quantities of blank gift cards from store racks.
2. Tampering Hubs: These gift cards are sent to locations where they’re carefully opened using tools like razor blades and hot glue guns. Barcodes and PINs are recorded, and the packaging is resealed to look untouched.
3. Return to Stores: The tampered cards are returned to store racks, ready for unsuspecting customers to buy and load with money.
4. Balance Checking and Theft: Teams, typically from abroad, monitor these cards and use the recorded information to drain the funds as soon as they’re loaded. The stolen money is then used to purchase high-demand goods, which are resold for profit abroad.

This operation exploits both customers and retailers. For customers, discovering an empty gift card after purchase is frustrating, often going unreported due to embarrassment or confusion. Retailers typically shoulder the financial loss, which adds up to millions annually.

How to Protect Yourself:

1. Inspect Gift Cards: Check for signs of tampering, like damaged packaging or loose seals.
2. Buy from Secure Locations: Choose gift cards stored securely behind counters or in locked displays.
3. Report Suspicious Activity: If you notice someone lingering near a gift card display or tampering with cards, alert store staff.
4. Keep Receipts: Many retailers can track and refund your purchase if you experience fraud.

Project Red Hook continues to combat these schemes, working with retailers and law enforcement to prevent future losses. As gift card fraud evolves, staying informed and vigilant is the best way to protect yourself and your loved ones.

Gift a Password Manager

This year, join your parents or grandparents by gifting an odd gift and make a mark in family lore by gifting a password manager.  Yes, it is odd, but it is also incredibly useful and may save you from spending a random Thursday night of family tech support as you try to get Grandma back into her Netflix account.

Here are a few password managers you may wish to consider:

• 1Password: Highly regarded for its security features and family sharing options.
• Bitwarden: Provides a free tier with premium options for additional features, including family sharing.
• Keeper: Offers strong encryption and features for secure password sharing.
• LastPass: Widely known and user-friendly with a variety of pricing tiers.

You can gift a password manager by subscribing on the vendor’s website and providing the recipient’s email, or by purchasing a gift card for the service directly from the vendor.

Tech Services wishes you a merry and malware-free holiday season!