‘Tis the season for holiday hacking

This is a wonderful time of year to be generous with your friends and family, and those charities you deem worthy. Don’t let that generosity benefit cyber criminals this year. Happy holidays from the 24th Air Force family to yours! (U.S. Air Force graphic by William Parks)

This is a wonderful time of year to be generous with your friends and family, and those charities you deem worthy. Don’t let that generosity benefit cyber criminals this year. Happy holidays from the 24th Air Force family to yours! (U.S. Air Force graphic by William Parks)

JOINT BASE SAN ANTONIO-LACKLAND, Texas -- Having something stolen is just the worst...

Before I joined the Air Force, I went to a small college in the flat state of Kansas on a partial basketball scholarship.

I remember walking out on the court for the first time and feeling a huge sense of pride in making it to that level after so many years of hard work.

My twin brother was off to the Navy and there I was with high hopes, but not enough height to play the center position like I did in high school. At 6'2", my coach decided I would be a shooting guard instead. I'm not a shooting guard.

A few weeks passed and as I learned the playbook, I improved a lot, but was still struggling to keep up with the speedy guards because my shoes were from the previous season and the rubber soles were worn to the point that I slid a little each time before I stopped. Not cool. Then my brother surprised me with a package in the mail. New Nikes.

I was so happy, I went to the gym by myself and shot around in them right away. Man ... I was on and then I checked out how high I could jump in them and felt great. One-handed, one step, windmill dunk kind of great.

Over the following weekend, while my roommates and I were out, my shoes and a couple other things were stolen.

Too small and too slow Scotty went back to practice and slid (literally) through the rest of the season.

That's crummy and low, right? It was mostly my fault because I didn't lock the door. I should have known better because physical security awareness has been with us since our parents first cradled our heads and taught us how to do just about everything as safely as possible. We were taught who we can trust and how to do our best to stay out of harm's way yet thieves and bad guys remain and succeed every day.

Cyber security isn't always as intuitive as physical security, and it can be even easier to fall prey to cyber criminals than a common thief. At this time of the year, when the money is flowing more freely, and busy people are more distracted, it's a "harvest time" of sorts for the cyber criminals.

Jeremy Carsten, a 24th Air Force Operations cyber force protection contractor, gave me some insight on how to become a harder target for would-be hackers and cyber identity thieves this holiday season.

Carsten said the number one thing to be careful of is cyber credit card theft that can happen when eating at restaurants.

"You give them your card, it leaves your sight. Your waiter or waitress can then scan the card in an instant before, during or after processing your meal ticket, and save this data," he explained. "It's later used by them, or more commonly, simply gathered and sold to another entity that breaks into, uses or duplicates your card information, then they either use it or sell it again."

An easy counter-theft answer? Cash is a great alternative. If you pull some cash out before hand to cover your bill, you're eliminating that risk.

Carsten said online shopping can be dangerous, but going to reputable sites and ensuring the purchase connection is secure are two ways to mitigate risk.

"Verify in the address bar that the page you are about to send credit card info over the URL begins with https:// vs. http:// and the little lock icon is visible," he said. "A pop up should not occur asking you to accept a security certificate. Any business that's on top of things will have a third party verified cert that is current and works automatically. The only time you, the user, are asked to accept is if the cert is outdated or not verified by the trusted third party."

He said some cyber criminals rely on "spoofing." They make a link or Website look and feel real to the user, but direct the user to a .zip file that's loaded with malicious code or some other kind of cyber trap.

"Do not open .zip files from e-mails claiming to be from a business (shipping companies, banks, etc)," he said. These are phishing attempts. The e-mail will look very legit, and may even have legitimate universal resource locaters (URLs) ... but the zip file contains malware out to cause you harm.

Computer security at home and - worse yet - on mobile devices can be dangerous to your identity or bank account. There are ways to stay safer though, and like physical security, using security measures is a great deterrent to would be hackers and cyber thieves who prefer softer targets.

Tips from around the Web include:

*Make sure your security software is up to date. It seems like the obvious and boring tip, but it really is important. Security experts stress that keeping the anti-virus software up to date and running should protect from most common malware.

*Don't use unsecure wifi to do business transactions - public places like the airport are a prime spot for hackers to conduct their tradecraft.

*Use a different password at every site. It is never safe to use the same password across your accounts or sites, because if you do, and you get cracked on one site, you are now vulnerable in many different areas. If you are prompted to sign up for a new account to make a purchase make sure to create a new password.

*Stick to reputable stores and charities, and go directly to Websites you know you can trust. Don't rely on e-mails or letters which or people who show up at your door uninvited.

*Educate your children regarding online safety. Talk to your children about their "sharing" and behavior online and off.

*Shopping online can often mask an international operation. It's safest to shop with a domestic retailer.

*Don't provide your personal information in exchange for prizes or special offers. Reputable retailers are not going to ask for information beyond the most basic. The more personal information a retailer asks you to provide, the more likely it is to be a scam. Also, never share your full Social Security number online.

This is a wonderful time of year to be generous with your friends and family, and those charities you deem worthy. Don't let that generosity benefit cyber criminals this year. Happy holidays from the 24th Air Force family to yours!