It's an unfortunate reality of today's consumer environment: Identity theft is rampant and often occurs on a massive scale.
Cybercriminals have become more sophisticated in their attacks, and as customers regularly make purchases and store account information online, their susceptibility to such schemes is incrementally increased. From Target to Home Depot to Jimmy John's, companies of all sizes and functions have experienced data breaches. The Ponemon Institute recently concluded a jarring 43 percent of U.S. companies were successfully targeted from the third quarter of 2013 through the second quarter of 2014.
So as a mystery shopper, what can you do? Your exposure is inherent, given the nature of your task at hand, and in most cases it's actually increased thanks to the sheer quantity of small transactions you're required to make. Many assignments even specify that shoppers make online purchases or pay with a debit card, sometimes asking that a PIN be entered and leaving you vulnerable to a variety of forms of cyber attacks.
There's no way to ensure your information is absolutely safe, but there are precautions you can take to minimize your risk, and the majority of them can be classified as common sense.
- Use cash. It's not always possible - such as during the aforementioned, specifically instructed instances - but if you have the option to pay for a secret shopping purchase with regular old greenbacks, do it. Cash is the only foolproof method for eliminating your exposure to cybercriminals. If a record needs to be kept of your transaction, you can simply request a receipt, which you're always entitled to and will likely need for the sake of reimbursement anyway. In the end, there's no more effective means of avoiding a data breach than by never putting yourself on the hackers' radar.
- Change your passwords. Equally simple, yet surprisingly overlooked, is the need to update login information. Given the number of purchases made online and the frequency with which email addresses must be offered, your financial information and online profiles have become irrevocably intertwined. For better or worse, your debit and credit accounts are accessible through your personal email, and so once thieves have one, they can easily obtain the other. Preventative action is the only way to combat this threat, meaning it's in your best interest to change your email, pay-service and other online shopping-related passwords once a month - if not more often. Keeping track of them all is another story, and if you must write them down, make sure you store those reminders somewhere physically secure rather than in your wallet or on a personal computer.
- Err on the side of caution. Another unfortunate byproduct of today's consumer environment is the attitude many shoppers have adopted. Skepticism has become not only common but necessary for anyone who wants to ensure the safety of their personal information. Cyber attacks are usually launched in an effort to obtain credit and debit card information, but also, in some cases, so the offenders can gain access to health care benefits and make doctor visits. As a result, secret shoppers need to be extra vigilant, monitoring their accounts and statements for anything resembling suspicious or unfamiliar activity, while asking questions of anyone requesting personal information or claiming debts owed. Never provide account information or a PIN without being absolutely certain it's secure and necessary, and familiarize yourself with the terms and conditions attached to your bank, your email provider and any other accounts you may have opened online. In every case, a request for your information should raise a red flag, especially as targeted attacks become more frequent and widespread.