What you should know about CyberSecurity Issues and how it affects Lego buying
I think at this point, we all know about all the scams that exist out there that we must tread as Lego buyers: Drop shippers, shipping scammers on Ebay, Craigslist scammers who want you to wire them money, and even companies that are somwhat deceitful in their practices.
But there are more parts to being safe as a Lego Investor/Collector that we must be aware of: CyberSpace issues. It seems silly that this amazing thing called the internet has brought us all of this joy, made this site possible, and absolutely changed the way we do everything to do with our money, could also be the thing that ruins us completely. I am a member in this industry as a networking engineer. I have studied CyberSecurity quite a bit and it is something I want to eventually pursue as a higher level of education in my field. It is a fascinating field and we are in the golden age of CyberSpace growth.
However, the unfortunate realization of living through this era in technology is how woefully behind the Cyber criminals we all are. For one, everyone has to react to the new things they do. We wont be able to just guess what they are going to do next: they are calling all the shots. On top of this, our economic systems, our credit systems, and most of our business industry is not built to cope with how fast people are coming up with ways to game the system.
So do we just shut down and not buy on the internet? Of course not, but we can be smart before making certain decisions. And most importantly, we can be vigilant for the inevitable times that this happens and be ready to act to correct any issues we come across. Here are some thoughts in this direction:
Don't use any service unless you know it is secure.
This is a tough one; how will you ever know for sure? Well, you won't. But you can make a pretty good decision with a little bit of research. Paypal and Ebay both offer buyer and seller protection. They both have great track records in the field as well. Things like Western Union and other money wiring services have a history of being scam vehicles and the companies themselves have a track record for saying "its not our problem". Only use things you trust for your transactions.
Do not put in purchasing and credit card information into a website on a Public WiFi connection
This is one most people don't think about. You are sitting at StarBucks and you jump on WiFi. See a great deal on BP deals page and click the link. You put in all your credit card information and make the purchase.
Unfortunately the guy next to you, with little effort at all, can see every little bit of information you type into your PC or phone with free programs downloaded on the internet. Its unbelievable how easy it is for someone to do this. Yes you are protected by your credit card company most likely, but is it worth the trouble thinking about it?
In general just avoid it. If you are on your phone, it is worth switching to data for the purchase.
Set up credit card alerts
This is a extremely simple one with how many people have the ability to text on their phones. I don't know an actual statistic, but I would say the majority of people on this site who use credit cards a lot have had a fraudulent charge once or twice. My wife's card was stolen out of her supposed-to-be-locked classroom at school once, and before we knew it they had rattled off a grand in purchases. Most credit card companies now have pretty robust alert systems. Everytime I make a purchase, my credit card companies texts me and says my card was authorized for this amount of money at this location. I immediately know if something is not right and can actually reply and say "this isn't me!".
I can also keep better track of what my Wife is buying
Get a credit monitoring service
These are annoying. The credit monitoring and reporting companies have about turned into insurance companies as far as commercials go - except no one can beat Geicos Hump Day. They do serve a great purpose though. Whenever I do anything that has an impact on my credit (or if someone else does) I immediately get an alert of exact what the inquiry was about. I pay 10$ a month for it and it is very much worth it.
My wife did not have it and someone stole her identity and massacred her credit. It wasn't her, so no big deal right? Heh - I wish. It took more than a year to get her credit fixed back to where it was supposed to be. This being right before we were about to buy a house, we had to drop her from the loan because she was dragging my credit down!
Think about the effect this could have on you if it happened. All of a sudden, your credit cards get frozen, you can't open any new ones, and you can't purchase those lego sets like you used to. Most monitoring services also offer services where they will help you fix credit problems much quicker than you could ever do on your own.
Be smart with your passwords for all those sales sites
So many people carrying legos now means more and more people have your personal information from all those sweet deals you have gotten. Unfortunately, we just have to trust them with it.
However, we can put ourselves into position to keep ourselves as safe as possible. Passwords really come into this. Everyone has heard it - change your passwords every 90 days, make sure they have special characters, blah, blah, blah. I am not preaching that at all.
Actually you should absolutely use a password that is easy to remember. And unfortunately, special characters and numbers really don't mean a lot at all to a password's security. Passwords are normally cracked when attackers steal the payload of a password exchange between a site and a user and run a password cracking program on it. So understanding how this works is important. In most programs, you give the application a list of common possible words or letters and then let it try all its possible combinations. For example, some may feel this is a good password:
By adding special characters into the application, a password like the above could be broken within less than a minute in most cases.
Whats the answer? More complicated? Simple actually : longer. The more letters in a password, the more time (exponentially) it takes to crack it (which means people give up). So I use phrases for passwords - spaces included. Consider:
I love to use brickpicker for lego prices
A password like the above is insanely more secure, even without special characters, and most people don't insert spaces into password cracking applications by default. Plus they are really easy to remember!
On top of this, do not use the same password for every site - or at least spread it around pretty well. If you do, one is hacked - they all could be. Now maybe the attacker wont know you are on entertainment earth and toysrus.com - but the first thing someone does when they hack a google password is take the same user and password and pop it into paypal, ebay, major bank sites, etc. Easier to just avoid these problems.
Its an unsafe world in general, and we have to live with it. There are many more ways things can go sour for people like us who spend a lot of money, and most likely have a lot of credit and spending habits that are harder to track. But by being vigilante, we put ourselves in a position to prevent issues from happening, and ultimately be able to react when they do. Though Cyber space has brought all these new worries upon us, we still have the Human intelligence to stay ahead if we consider and study the consequences of not doing so.
Thanks for reading.