Subscribe to this e-update.
Boscola Bulletin

Holiday Shopping & Cyber-Security

PA State PoliceThe PA State Police (PSP) & the PA Criminal Intelligence Center (PaCIC) want to make organizations and business owners, especially those conducting business online, aware of cyberthreats that likely occur during the holiday shopping season. 

Cybercriminals take advantage of the holiday season by exploiting the increased spending and online activity to prey on unsuspecting and unprepared businesses and consumers. Cybercriminals use several tactics to achieve their ultimate goal – these include, but are not limited to:

  • Formjacking – also known as e-skimming, form jacking is when cybercriminals use the script installed on a retailer’s site to intercept customer information from the payment forms on checkout pages.
  • Carding Fraud – Cybercriminals use e-commerce sites to test stolen cards by initiating multiple transactions (usually in a smaller dollar amount). These transactions are done to test whether or not the cards have been reported as stolen.
  • Account Takeover Fraud (ATO) – stolen credentials are used to take over online accounts to make purchases with the victim’s saved payment information. 
  • Rogue Security Certificates – some malicious websites use valid security certificates to make themselves look legitimate.  The site may look like a well-known retailer, but the URL is misspelled & the domain may be different. 

Steps Businesses can take to Protect their Websites, their Customers, their Employees, and their Networks:

  • Use multifactor authentication (MFA) for both customer and internal accounts wherever possible.  MFA uses multiple credentials, such as user name, password, and one-time code sent to an email or cell phone to make it more difficult for a cybercriminal to take over the account. 
  • Require strong passwords containing capital and lower-case letters, numbers, and special characters. These make it harder for cybercriminals to steal credentials.
  • Ensure all code used in website forms is tested regularly, especially when first installed & after every update.
  • Use a multi-part payment system to detect & prevent ‘carding’. This may include an address verification systems (AVS), which determines how many parts of the address as entered on the website match the address on record with the card issuer.

During the holidays, organizations hold open houses and parties – often posting information about employee and organizational activities to social media and on the company’s website.  Cybercriminals use this information to enter office buildings unnoticed and unchallenged to find information they can use to access the network.

Organizations should develop & distribute procedures for employees to report suspicious activity, behaviors, and encourage employees to do so.  Suspicious activity reporting can stop incidents before happening. 

The See Something, Send Something smartphone application provides a way for individuals to report suspicious activity by capturing a photo or written note and having the capability to send the information directly to the PaCIC.  This app also provides examples of suspicious behavior and the ability for users to receive important alerts.  The PaCIC maintains a Terrorism Tip Line, 1-888-292-1919, to solicit information from the public which operates 24 hours a day, 7 days a week.


See Something Send SomethingSee Something Send Something is the preeminent nationwide suspicious activity reporting (SAR) tool for citizens to help in the fight against terrorism. See Something Send Something has information to educate you on what to look for and when to submit suspicious activity reports along with how to receive important alerts. The SAR tool connects you to a nationwide network of Intelligence Centers by routing tips to the correct center for analysis.

Learn what to look for, stay informed, and act on your intuition with the official See Something Send Something app. For situations requiring an immediate response always call 911 or local police directly.

Download for Android Devices

Download for Apple Devices

How to Safely Shop Online This Holiday Season

add to cartThis year, we entered an earlier-than-ever holiday shopping season online that has already begun and won’t end until early January 2020.

Why did we begin the holiday shopping season so early this year? Since the Thanksgiving holiday weekend arrived late in 2019, Black Friday and Cyber Monday deals had arrived with retailers launching a frenzy of discounts to try and make up for the “lost” shopping days - when compared to the earlier Thanksgiving holiday weekend last year.
Here are some tips to help keep you safe while online shopping this holiday season:

  • Stick to retailers you know and preferably, have shopped with before.
  • Research a business you haven’t purchased from before by checking customer reviews or complaints with the Better Business Bureau.
  • Never commit to a deal that seems too good to be true.
  • Refrain from using pubic Wi-Fi to make purchases or use a VPN to avoid hackers intercepting your information.
  • Use a credit card for your online purchases versus other payment methods. Almost all credit cards have fraud protection
  • Check a webpage’s security by looking for the lock icon in the URL field and making sure the URL starts with “https”, not just “http”. The “s” means the site is safer and more secure.

Just remember, most people have heard these tips before but let their guard down over the holidays when rushing for an online deal or a last-minute gift.  Check – and check again – to make sure you keep your identity safe.

Facebook Twitter Instagram Join the Conversation on Facebook and Twitter

Follow me on Facebook and Twitter for the latest news and updates.

Offices of State Senator Lisa M. Boscola

One East Broad Street
Suite 120
Bethlehem, PA 18018
(610) 868-8667
Fax: (610) 861-2184
Toll-free: 1-877-535-1818
1701 Washington Blvd.
Easton, PA 18042
(610) 250-5627
(610) 250-5629
Fax: (610) 250-1889
458 Main Capitol Building
Senate Box 203018
Harrisburg, PA 17120-3018
(717) 787-4236
Fax: (717) 783-1257
Senate of PA:
1-800-364-158 (TTY)
Download for Android Devices Download for Apple Devices