The end of November is marked in retail trade by Black Friday promotions, which has become a much-awaited moment in the country’s consumer market. Amidst the euphoria for the search for the best discount, however, many consumers expose themselves to risks when shopping online. And one of these threats is precisely the invasion of accounts on shopping sites, in which scammers try to impersonate consumers to purchase products online.

With that in mind, the Center for Studies, Response and Treatment of Security Incidents in Brazil (CERT.br), linked to the Information and Coordination Center of Ponto BR (NIC.br), launched a new issue of Internet Security Booklet, this time with a focus on adopting good authentication practices. The material is divided into two sections: Essential precautions to protect your accounts and Other two-step verification precautions.

The publication highlights, for example, that in a scenario of so many attacks and data leaks currently taking place, using only passwords may not be a strong enough barrier against scammers. That’s why it recommends strengthening security by creating an extra layer of protection through two-step verification.

“A very common trick used by scammers is the creation of fake websites of known stores in order to obtain user login and password, and then use this information to make purchases on official websites. With the two-step verification activated, for example, the attackers will not be able to access the account on the original website, because they will need additional data to invade the other person’s account”, explains Cristine Hoepers, manager of CERT.br.

The expert points out that protective measures should be adopted all year round and on all accounts, including those on social networks and emails, and not just at this time of promotional shopping. “Taking care of accounts is an essential part of internet security. E-mail accounts, for example, are very targeted by scammers as they allow the recovery of passwords from other accounts, including e-commerce ones,” she explains.

Some tips

The CERT.br Authentication Fascicle can be downloaded free of charge from the entity‘s website.

There are several tips to increase the security of online accounts. One is the need to enable two-step verification. With this feature, even if the attacker finds out the password, he will need other information to hack your accounts. Choose the method that you find most convenient and secure, such as having a physical security key or using a mobile app to generate verification codes and receive codes via text or voice message.

Another tip is to use a different password for each account. Reusing passwords, that is, using the same password in several services is considered risky, as it is enough for an attacker to discover the password of an account to be able to access other accounts where it is used. If you suspect that a password used in several applications has been discovered, you must change it immediately in all of them in which it is applied.

Creating strong passwords, using long words, for example, in addition to special characters, uppercase and lowercase letters, in addition to numbers, is also an essential measure to maintain the security of your virtual accounts in stores.

For those who have difficulty remembering so many different passwords, a tip is to adopt a method of managing this information that is the most practical and safe. An example is using password manager applications, writing them down on paper and keeping it in a safe place, or recording them in an encrypted file.

In addition to the tips in the Authentication Fascicle, the #Internet Responsive Guide Go Shoppingfrom NIC.br, brings several recommendations that help users ensure a safer online purchase on Black Friday, or any other time.