9 Tips for Secure Online Holiday Shopping
The holiday shopping season is nearly in full swing. That means the scammers have revved their engines, too. They're ready to exploit all those online transactions.
Don't forget to stay safe online during the shopping frenzy this time of year. An ounce of cybersecurity prevention is definitely worth more than a pound of cure. It can also save you from a financial or privacy nightmare.
Below are some of the top security tips to improve your online shopping for the holidays.
Computers, tablets and smartphones with outdated software are vulnerable. While you may not want to wait for a 10-minute iPhone update, doing so will keep you safer.
Hackers often exploit vulnerabilities in device operating systems. Updates install patches for known vulnerabilities, reducing your risk. Make sure you install all updates before using your device for online purchases on holiday
Yes, it's annoying to have to type in "amazon.com" instead of just clicking a link in an email. But phishing scams are booming this time of year. Clicking on an email link to a malicious website can trigger an automatic malware download.
It's best to avoid clicking on links and visit the website directly instead. If you want to make things easier, save websites as shopping bookmarks in your browser. This is safer than clicking on a text or email link.
There's always a risk when you give your debit or credit card to a website. The risk is even higher if you do your Christmas shopping on a website you've never bought anything from before
If possible, buy with a wallet app or PayPal. This way, you don't have to give your payment card information directly to the merchant. Instead, you give them to the wallet app's service (Apple Pay, Google Pay, PayPal, etc.). However, the retailer doesn't receive them.
There's also the risk of a retailer data breach. These are common and can expose sensitive customer payment information. The fewer databases you allow to shop your payment information, the better for your security.
Remove your payment card from the site immediately after you pay. Usually, you need to go to your account settings to do this
Make sure that the website uses HTTPS (emphasis on "S")
HTTPS has largely become the standard for websites. This is short for "HTTP" without the "S" at the end. HTTPS means that a website encrypts the data transmitted through the website. This includes your name, address, and payment information.
You should shop at NEVER on a website that doesn't use HTTPS in the address bar. An additional indicator is a small lock symbol in front of the website address
We all make typos from time to time. Especially when we're typing on a small smartphone screen. A single typo can land you on a fake website (e.g. Amazonn(dot)com).
Hackers buy domains that closely resemble the real domains of popular retailers. Then they set up fake websites to trick users who make a mistake when entering the URL.
Take a few extra seconds to make sure that you've landed on the right website. Do this before you start shopping
If you connect your device to a public Wi-Fi network, you can expect to be harassed by a stranger. Hackers LOVE to take advantage of the Christmas shopping season and stay in popular public Wi-Fi places
They spy on the activity of other devices connected to the same free hotspot. This allows them to gain access to anything you enter. For example, passwords and credit card information
Never shop online when you're connected to a public Wi-Fi network. Instead, turn off Wi-Fi and switch to your mobile carrier's connection
Phishing scammers were very active during the 2021 holiday shopping season. There was a 397 percent increase in typo domains associated with phishing attacks
While you always have to be on the lookout for phishing, the threat is even greater during the holiday season. Attackers know that people are expecting emails with Christmas offers from retailers. They also receive a flood of order confirmations and shipping notifications at this time of the year.
Hackers use these emails as templates. They impersonate brands such as Target, UPS, Amazon and others. Their emails look almost exactly like the real ones. They trick you into clicking and/or logging into a malicious website
Be wary of emails that pretend to be a brand. This is another reason why it's always better to go to a website directly instead of using an email link.
Phishing Check your bank account regularly. Watch for suspicious debits that could indicate a breach. One way to automate a monitoring process is to set up banking alerts through your online banking app.
For instance, a lot of banks allow you to set up alerts for events such as:
Malware is often deployed in holiday shopping scams. Are you sure that your device is secure from malicious apps and malware? Contact Onyx IT today for a security checkup.