Over the last several months, we’ve provided you with updates on steps Target is taking to assume a leadership role in information security, partner to take down social media scams and share information across industries to better protect all consumers. Along the way, our guests have increasingly turned to us asking what steps they can take to help ensure they are also taking their own steps to safeguard their information.
One of the most common questions we get from guests is where to start when it comes to web safety. To help answer this question, we turned to Robert Hansen, vice president of WhiteHat Labs at WhiteHat Security. WhiteHat Labs is an industry leader in information security and website risk management. He shared top web safety tips — both general and specific to Target — all consumers should know.
1. Make certain your browser is up to date. Like your operating system, the faster you can apply security patches, the less likely you will be compromised by malicious downloads. Some browsers like Google Chrome and WhiteHat Aviator offer automatic updating while others will require you to stay on top of the current version.
2. When accessing a public Wifi hotspot, be mindful of the connection host. If possible, confirm with the owner of the hotspot that you are connected to their device and not an impostor’s. Additionally, ask yourself if there should be available Wifi where you are. If the answer is “no” or even that it seems unlikely, avoid the connection. For example, many airlines, trains as well as buses offer Wifi to travelers, but if you find yourself on the road and your method of transportion does not explicitly advertise Wifi, yet you find a strong, open signal, it may be too good to be true.
3. Be mindful when logging into websites from a computer that doesn’t belong to you, like at a cyber café. One strategy attackers will use is to install a keystroke logger to steal your username and password.
4. Don’t use the same password on multiple websites. Attackers know that people re-use passwords and if they compromise one password to one account, they can often break into all of your other accounts using the same password.
5. Stay away from downloading suspicious programs onto your computer if they don’t come from a trusted brand. A common tactic for attackers is to convince a user that they have a virus to get them to download fake anti-virus software.
6. If your email provider offers it, sign up for second factor authentication. Often times your email provider can call you, or send a text message to verify your account, which prevents attacks against your email. Since email is often tied to your online accounts attackers know it can help them gain access to other online accounts.
7. If you are logging into your Target.com account or making a purchase on Target.com, look for the lock in the address bar of your Internet browser. This confirms that you are securely connected. If the lock does not appear, you should not enter your username, password or any other personal info.
8. If a message appears indicating that your connection is not secure, Target will restrict your access to the website in an attempt to prevent your information from being captured by an unauthorized person. As a precaution, we recommend disconnecting from the Wifi service you are connected to and reconnecting to another hotspot that you know is secure.
9. Make sure you do not click on any emails claiming to be from Target.com to change your password. Target will never send you links to change your account information. If you see a suspicious email, type in the address into your browser instead of clicking on the link.
For more information on online safety, visit the resources section on WhiteHat Security’s website.
Don’t miss out on the latest Target news and behind-the-scenes happenings! Subscribe to our bi weekly newsletter and get the top stories from A Bullseye View delivered straight to your inbox!