News & Blog Podcasts

How to Safely Shop Online During the Holidays and Beyond

explore

In today’s episode, Chip is joined by Beth Martin, with the Crane Agency is St. Louis and longtime RiskProNet member. Beth is their cyber security expert and talks about things to pay attention to during the holiday season, and how to safely shop online in general, as it related to cyber and individuals.

Crane Agency is one of the oldest independent insurance agencies west of the Mississippi River, where they aim to be the premier independent insurance agency for our clients, our team, and our communities every day.

Tune in for cyber security tips for shopping during the holiday season and beyond!

In a nutshell, Chip and Beth shed light on:

·        What to think about when shopping online when it comes to cyber exposure

·        Best practices when it comes to giving out personal information for discounts

·        The option of creating a separate email account for shopping

·        The importance of multifactor identification

·        The use of public Wi-Fi

·        The best way to store your passwords

… and so much more!

How to Safely Shop Online During the Holidays with Crane Agency Insurance Transcript

00;00;02;00 – 00;00;26;02
Chip Arenchild
Welcome to Know Your Risk and Insurance Coverage with Risk Pro Net, where we will discuss all things insurance for you and your company. Risk Pronate is a network of independent agencies who offer specialized insurance across business sectors. Regardless of where you are in your insurance journey. We want to invite you to join us to think about insurance differently.

00;00;26;04 – 00;00;34;17
Chip Arenchild
Know your risk and insurance coverage with risk Pro net provides answers to all your insurance questions.

00;00;34;20 – 00;00;59;15
Chip Arenchild
Well welcome everybody again to know your risk and insurance with risk Pro net. Today is the Holiday Edition. And today we’re going to be speaking with Beth Martin. She’s with the Crane Agency in Saint Louis, a longtime risk pro net member. And Beth is their cyber expert. And we thought we might want to let individuals know what they need to be paying attention to this holiday season as it relates to cyber and the individual.

00;00;59;15 – 00;01;02;13
Chip Arenchild
So Beth, nice to see you today. How are you?

00;01;02;15 – 00;01;04;19
Beth Martin
I’m great. Thank you for having me. Appreciate it.

00;01;04;25 – 00;01;24;28
Chip Arenchild
Well, I think it’s such a timely topic, especially when I think about how my wife uses credit cards and gets online and do things to get that holiday deal. So tell us, what do people need to be thinking about as relates to you as an individual and your cyber exposure and the holiday season? What do you think?

00;01;25;00 – 00;01;52;13
Beth Martin
Well, I agree, and I’m one of those shoppers, like many women are, that go online to do a majority of the holiday shopping. But I think the biggest advice I can give is to slow down on the holiday shopping just a bit so that you can, that you can truly see which, websites you’re ordering from, that you’re not opening emails that are, advertisements with links in them.

00;01;52;15 – 00;01;59;28
Beth Martin
Those can be dangerous. So I think it’s more important to go directly to a website to place an order for online shopping.

00;02;00;03 – 00;02;09;05
Chip Arenchild
So, so when my wife gets the random text, it says, click here to get your discount for some sites she just ordered around. We should probably try to.

00;02;09;05 – 00;02;17;04
Beth Martin
Write if you can. If it’s a really good deal, you might try to still do it, but you just have to be careful. Yes.

00;02;17;06 – 00;02;38;18
Chip Arenchild
It drives me crazy. We’re in the store and I’m like, what are you doing? She goes, well, I have to sign up for the website to get my discount. And, you know, and she puts all that information in online. And so how secure is that right now? What do you see free of individual information. We what are some of the best practices that our spouses or the people we know or people listening need to be paying attention to?

00;02;38;18 – 00;02;43;04
Chip Arenchild
I like slow down, and that seems a hard one to do in the holiday season for sure.

00;02;43;04 – 00;03;05;12
Beth Martin
Yes. Also, if you do have to enter in any personal information to be wary that you’re putting it out there. So a lot of, a lot of websites or emails with holiday deals will have you enter your email address and then they’ll email your code to enter. And when you check out, you get a discount. And that’s okay as long as you’re using an email, that you already have secured.

00;03;05;15 – 00;03;20;06
Beth Martin
So to open your email, you have to put in a multi-factor authentication to access it. That help safeguard, that, that email address. I use a separate email for online shopping than I would for, other personal email.

00;03;20;09 – 00;03;27;29
Chip Arenchild
Well, that’s a good idea. Maybe you could expand on that. Is that a best practice that you recommend? Create a separate account just for shopping?

00;03;28;02 – 00;03;42;15
Beth Martin
I would, because then it’s another way just to monitor that information. I do a lot of shopping on Amazon and other sites, so I get a lot of emails and a lot of text messaging from that. So it just allows me to monitor that more closely.

00;03;42;18 – 00;04;01;05
Chip Arenchild
And then you brought up a good point. You know, we know in the business world we’ve been seeing the multi-factor authentication now is a requirement even to get cyber coverage. Are you starting to see that more in the individual space, whether it’s maybe your bank or something or and if you don’t want to do that, that seems to be like another step.

00;04;01;05 – 00;04;13;08
Chip Arenchild
And I’ll take my wife, for example. She’s like, why are they asking me to do this step? She gets frustrated by it. I think she’s just a she’s a set up for the scammers. But, are we starting to see more of that?

00;04;13;10 – 00;04;36;29
Beth Martin
We certainly are. And it’s actually a good thing, to have I know it’s annoying and it’s another step to add. There are ways around it. For example, what I’ve done recently is the places that I go online, especially with banking, you can download an app that will keep all of your passwords and it’s like a master password keeper.

00;04;37;02 – 00;05;01;19
Beth Martin
And then you’ll have a strong password to access all of your passwords. And that’s backed up by two factor authentication. So on my cell phone, it will use my face facial recognition to open up my password keeper. And then I’ll have all my passwords secure in there. It’s just another step to make sure that, that, you know, your, your information is more secure, especially when it comes to banking.

00;05;01;22 – 00;05;18;25
Chip Arenchild
Do you recommend using, LastPass or something similar or as the as the Apple Password keychain? Just as strong as there any recommendations you have for individual users as they start to think about using a master password collection site?

00;05;18;27 – 00;05;44;03
Beth Martin
Yeah, any of the, apps that will show up. You should just researched how they are used. And if you’re comfortable with using that, you know, every day I use the Norton Password Keeper, on mine. So that’s what I use. I also use the Microsoft Authenticator app, and that I have turned on MFA for a Facebook, Instagram, all of your social platforms.

00;05;44;03 – 00;05;46;06
Beth Martin
You can also set up MFA.

00;05;46;09 – 00;06;05;12
Chip Arenchild
So really anywhere that as consumers are interfacing and have the opportunity to set up MFA, we should. Because if not, we’re really leaving ourselves vulnerable to someone hacking us in that public cafe or jumping on that public Wi-Fi. Do you recommend using VPNs or anything as well?

00;06;05;14 – 00;06;13;26
Beth Martin
Yes. Yeah, you should definitely never, use a public Wi-Fi if you have any sensitive information on your device.

00;06;13;29 – 00;06;33;03
Chip Arenchild
Well, I think most people ignore that one because they’re so desperate for the deal right there. Like it’s only for a second who would catch me? That’s great. Okay. What about. Okay, so we got MFA. We got using a VPN, if you can. We also want to make sure that we slow down, and we’re only clicking on links that we know about.

00;06;33;05 – 00;06;37;18
Chip Arenchild
What else? Anything else we should be thinking about during this holiday season.

00;06;37;20 – 00;07;02;24
Beth Martin
As far as getting emails or text messages from retailers, I would just be wary of ones that appear to be from the company, but, they may look a little off. So the email that they come from might have like one letter that’s not spelled right, or the address in the email to you may not match the signature of the person that’s sending the email.

00;07;02;26 – 00;07;23;20
Beth Martin
So these are phishing emails. So they’re going to try to get you to click a link in within the email that gives them access to your device. And then from there of course they can do whatever they want. So it’s very important to look at the emails that you’re getting to make sure that they that they’re, you know, valid and they’ll have something spelled wrong or the font will be different.

00;07;23;22 – 00;07;35;06
Beth Martin
I, I did get, some, a lot of spam recently from PayPal because I do use PayPal, but the way that the PayPal logo is, it’s just a little bit off. It’s very hard to spot there.

00;07;35;09 – 00;07;59;03
Chip Arenchild
They have gotten very good at making it look like it’s from Amazon or PayPal. I also think, you know, in our business world, we’re learning all this through our systems at work about recognizing proper email things. But I know I’d never go back and that other than say, hey, don’t click on that to my wife. I never talk about some of the ways to identify it, or to hover over the URL to make sure it’s accurate.

00;07;59;06 – 00;08;17;29
Chip Arenchild
And maybe that’s something we should be thinking about as well, because kind of beat into us in the workplace. But I think for individuals out, you don’t think about those things at all. And that’s a tough thing to learn if we’re not exposed to it. So it seems like common nature for us. But my wife would still click that link and do the deal.

00;08;18;01 – 00;08;34;26
Beth Martin
Right? Yeah. It’s they make it, really hard to spot and it’s always a rushed situation. So you want to, you know, make sure that the bad guys want to make sure that you click on that, like without really thinking about it. So that’s our goal right, is to get, you know, to get your money. I will share with you, a personal story.

00;08;34;29 – 00;08;52;14
Beth Martin
I was using, the app Venmo, which is a way that people use to send money to each other and, you know, pay for each other when they when they buy coffee or whatever they go out to eat. I used it to buy, local artisan, you know, things at a cafe or something like that. So I use Venmo.

00;08;52;16 – 00;09;12;14
Beth Martin
I got a notification from my bank that there, that there was a charge that was over the preset limit that I had to send me a notification. And I tried to check my Venmo app, but I couldn’t log in. It wasn’t it said my password was invalid, and I tried to reset my password and it would I wouldn’t get an email.

00;09;12;16 – 00;09;39;14
Beth Martin
And my email account to reset it. The person that had hacked my Venmo had sent two small charges from a gas station, for like around $40. And then at, 4 a.m. trying to charge to Bloomingdales or $2,100 for my Venmo account, which was tied to my, you know, bank account. So I had to act quickly and I had to shut down my whole bank account, open a new one.

00;09;39;14 – 00;10;01;22
Beth Martin
It was a process. And during that process, I, I changed all of my passwords. I don’t use Venmo for a while because I’m not, you know, I’m not. They handled it well, but I don’t really trust them 100% yet. But it was an exercise because, you don’t think that it will happen to you or it won’t happen to the cyber expert at Crane, but guess what?

00;10;01;24 – 00;10;02;28
Beth Martin
They’ll find you.

00;10;03;00 – 00;10;24;01
Chip Arenchild
A cyber expert at Crane was a victim. I think that also illustrates, you know, people won’t slow down or they have a hard time slowing down. But just how much of a pain was it to and how much time did it take to go close your bank? And even if you weren’t out of pocket, any money, that sounds like a very big headache to try and shut down everything and start up again.

00;10;24;03 – 00;10;44;00
Beth Martin
It is. It’s a process. Luckily my bank works really well with me and Venmo was fine, so I wasn’t out any money. But it was. It was a lot of time because not only did I have to get all my passwords and all my logins, and I had to reset the way that I pay all my bills with my bank.

00;10;44;02 – 00;10;49;05
Beth Martin
So it’s a process, and, you know, time is money. So it’s it’s a headache that you don’t want to have to go through all.

00;10;49;08 – 00;11;07;15
Chip Arenchild
Well, there we have it. There we have it. I think that’s I thanks for sharing that story. Because as individuals we go out there and we don’t think a thing about the stuff we learn at work. And so this is timely information for those that are listening in, that are out shopping around. And I think talk to your spouse, you got to make sure they know what to do.

00;11;07;17 – 00;11;13;09
Chip Arenchild
Is there anything else that we kind of wrap this up in terms of like best practices for this holiday season?

00;11;13;12 – 00;11;40;19
Beth Martin
I think that we covered the most important, I would say maybe one more thing is if you have, any data or anything you keep, as far as password keeper or anything like that, just make sure that you have a good backup system for your computer. And also make sure that you’re doing the updates that your apps require on your phone, that it’s going to make sure that any bug or any vulnerability that’s in that program is going to be patched.

00;11;40;22 – 00;12;03;11
Chip Arenchild
Okay. That’s a great that’s a good point. I know you’re supposed to keep all our software, all applications up to date. A lot of people don’t do that. How about storing passwords? Any tips on the best places to store passwords if you’re not using these password keepers? I know. Also human tendency is to use the same variation of the same password as you’re creating passwords to access a site.

00;12;03;11 – 00;12;22;06
Chip Arenchild
And and we also know I think the hackers can run these algorithms. And once they have one of your passwords, they can run it through some iteration so quickly that they can find your other vulnerabilities. Right. So that is there any suggestions on password use the use the one provided by the password manager or change them up.

00;12;22;08 – 00;12;42;10
Beth Martin
I do set my own passwords in my password keeper. I make them, passphrases. Things that only I would know in a certain configuration of words. Not just, you know, you don’t want to put your dog’s name. And then the year, obviously, you don’t want to use the same password for everything. I use tartar password for things that I want more secure.

00;12;42;12 – 00;13;06;04
Beth Martin
The password keeper will tell you how long it will take to crack the password that you, suggested. So, you know, obviously a brute force attack is a computer that is just going to run an algorithm to find the password. And then once they do, you know, they can shoot it out for several places. And they’ve got, you know, you’re, they’ve got access because you’re using the same password for everywhere you go.

00;13;06;06 – 00;13;20;23
Chip Arenchild
Yep. And I think people are guilty of doing that because we default to behaviors which are known. And so we we always use some are there’s a tendency to use a variation of that password. And you actually leaving yourself pretty vulnerable if you don’t find a way to manage your passwords correctly. Yeah.

00;13;20;25 – 00;13;31;25
Beth Martin
It’s better to use a passphrase or you know, your favorite song, just some random lyric from it or something like that is more secure than just someone’s name or initials or the year you were born.

00;13;31;28 – 00;13;53;18
Chip Arenchild
Right? And it’s, yeah, I have funny stories. I better watch out or I’ll get hacked. I’ll be giving away all the secrets. So. Yeah. Beth, it’s been great to just get these tips on the holiday season. Perfect timing. I think everyone needs to do their part. Go out, keep jumpstarting the economy, but spend wisely when you jump on these apps at these stores to get the deals, to make sure you get the right Christmas presents that you want.

00;13;53;20 – 00;13;55;09
Beth Martin
Absolutely. Happy shopping.

00;13;55;12 – 00;14;15;21
Chip Arenchild
Yeah, happy shopping. Well thank you so much. And again, this is Beth Martin from the Crane Agency in Saint Louis. She’s the cyber expert. Prior to joining Crane, she worked for Aon, where she worked in the private equity portfolio, doing all the management liability. Pleasure to have you on today and learn from me. Wealth of knowledge. And thanks for sharing what individuals need to do this holiday season, Beth.

00;14;15;26 – 00;14;17;04
Beth Martin
Absolutely. Thanks, Jim.

00;14;17;06 – 00;14;42;07
Chip Arenchild
Okay. We’ll see you again. All right. Enjoy. Know your insurance and risk Pronate with risk Pronate. We’ll talk to you later. Happy holidays. We hope you enjoyed this episode of Know Your Risk in insurance coverage with risk Coronet. For more information about risk Pronate, please visit our website. You can follow us on Facebook and Twitter for insurance insights from everyone at risk Pro Net.

00;14;42;13 – 00;14;45;14
Chip Arenchild
We want to say thank you for tuning in and see you next time.

Get In Touch

Talk to an expert to see how we can help.

Moody Insurance is here to help provide you with solutions to your personal, business or employee benefits insurance questions. Please fill out the form or call us at 303.824.6600.

service interior

Contact Us

  • By providing a telephone number and submitting this form you are consenting to be contacted by SMS text message. Message & data rates may apply. You can reply STOP to opt-out of further messaging.
  • This field is for validation purposes and should be left unchanged.