العربية简体中文NederlandsEnglishFrançaisDeutschItalianoPolskiPortuguêsРусскийAfsoomaaliEspañolKiswahiliУкраїнська

One of my responsibilities within the Council is creating and sharing advice regarding online security. Like all of us though I don’t always practice what I preach and this was brought home to me last night when I received an email notifying me that I’d purchased a couple of iPhone 6’s for nearly £1000 from Groupon.

Once I’d decided that this wasn’t a strange and overly generous late Christmas present it was time to try and sort out the mess.

What seemed to have happened is that my account had been compromised, I’m unclear if this was a simple brute force of the password or something larger scale. Luckily for me I received the notification via email and could check my bank details to see what was going on. My bank was, unsurprisingly, very helpful and immediately cancelled the transactions and the card itself, luckily it was all on a Credit Card so no additional fuss. The bank also gave me the ‘standard’ advice:

Install an up to date virus scanner – Reasonable advice I guess though I’m fine with the built in stuff thanks

Change your other passwords and don’t use the same password anywhere else. Yup, that was something I needed to do.

Much like any IT professional I’m always telling people what they should do but not what I think they will do and that includes myself. What I should really do is use a password manager exclusively and unique, random passwords for all sites. What I’ve actually done is a combination of that along with using a couple of rubbish passwords for all the sites that I deem unimportant. When I say rubbish password i’m talking about the kind of useless dictionary word followed by 4 digit pin affair that wouldn’t hold up for any amount of time. I’ve since updated pretty much everything I can think of. Sorting all this out though made me think of a couple of things which it would be great if all online e-commerce sites could do:

Allow me to close an account. I know its anathema to ever let you delete anything anywhere but the option would be quite nice.

Don’t store my credit card details silently. I know you want to be like Amazon and have a super friction-less purchasing experience but, hey, you’re not Amazon.

Groupon: Really not impressed with this bunch in any way. So I’ll just list a few obvious points:

 

So, what I’d say is that don’t be as lazy as me with your passwords and maybe be carefully if you think about using Groupon.