Online shoppers proceed with caution!

Reading Time: 2 minutes

With the holiday season fast approaching, it has brought with it the usual rise in spending. CSU staff, like most, are embracing online shopping rather than a brick and mortar store to purchase gifts. While online shopping has a number of benefits there are potential risks involved – by making smart choices you can reduce the associated risks.

Always use secured websites when making payments

Stay Smart Online Look for the padlock, Christmas tree with padlocks on it

Before paying for your purchases check to make sure the website is a secure site.
Secure sites have a closed padlock in the status bar and their URL starts with ‘https’ instead of ‘http’ – this ensures communication is encrypted.

Do not click on suspicious links

Malicious links can be sent by scammers who pretend to be a valid online shop – like Amazon or eBay – to steal personal information including credit card numbers. If you receive a link via email, text or on social networking sites, pause and think carefully – if the link looks suspicious or you can’t tell where it leads don’t click on it!

Always use strong passwords

Avoid using easy to crack passwords like your name, 123456 and “password”.  Never use the same password for multiple sites.

For tips on creating a strong password visit Stay Smart Online – Passwords and Passphrases.

Do not provide your details to every website you visit

If you are not planning on shopping regularly from the online store then avoid providing unnecessary information.

Confirm and double check any requests to transfer funds or pay invoices

Scammers use the end of year rush to trick people into paying a fake invoice or transfer funds using changed bank account details.

We have seen an increase in scammers’ impersonating a senior CSU staff member or a known CSU vendor. If a request arrives via email always check the email address of the sender. Do not trust the information provided in the email. Instead find contact information from another source, for example staff directory, to check the validity directly with the requestor.