Amazon’s third annual Prime Day is here, meaning it is officially Christmas in July for Amazon Prime subscribers. With new deals being offered every five minutes for 30 straight hours, 54 million subscribers will be overwhelmed with deals and savings.
I am certain that the majority of today’s shoppers will not be thinking about cybersecurity risks that are associated with the amount of activity occurring on Prime Day, as many people view cybersecurity as unattainable or even a hopeless cause.
While there is no 100% guarantee for safe online shopping, some practical measures can certainly minimize your personal cybersecurity risks:
Internet of Things (IoT) Devices
Lastly, be cautious of purchasing the various connected, or Internet of Things (IoT), devices such as Amazon’s Echo, Echo Dot, Fire Stick, Dash Buttons and FitBits. Although these devices are innovative, timesavers and some will even play more cowbell, they can introduce security risks to your personally identifiable information.
The security-minded among us will recall that in 2015, VTech’s customer database was hacked allowing attackers to gain access to customers’ personally identifiable information (PII) such as addresses, birthdates and passwords – include identity information belonging to children – from Internet-connected electronic learning devices, baby monitors, toys, and other equipment.
Remember: any Internet-connected device can potentially be hacked and leveraged to gain access to sensitive data, most times before the user or manufacturer is even aware.
By utilizing these practical tips, you will be able to decrease your shopping vulnerabilities and resupply on an abundance of dog food or window cleaner.
Be safe and happy shopping!
Gary Braglia is a Security Specialist at GreyCastle Security with over 10 years of experience as an IT professional. Gary began his career as an application developer with the NYS Office of Information Technology Services (ITS), is a graduate of SUNY Albany with a Master’s degree in Information Science (M.S.I.S.) and the owner of industry-recognized certifications including Tenable Certified Network Auditor (TCNA) and CompTIA Security+.
At GreyCastle, Gary consults with clients in a wide range of security domains, including penetration testing, vulnerability assessments, security assessments, network security, application security and policy development.