cybersecurity holiday shopping tips

Online Holiday Shopping Cybersecurity Tips

Brace yourself, the holidays are here.

This year, many Americans will flock to the Internet for their holiday shopping needs. Digital Commerce predicts US shoppers will spend $201.32 billion online during the 2021 holiday season.

And what’s not to love about online shopping? It’s very convenient! You can shop from your couch and find a great deal right at your fingertips. In fact, a Deloitte study found that 60% of US shoppers prefer to shop online.

But here’s the thing, cybercriminals want to ruin your holiday spirit. During the holiday season, hackers will try to swipe your credit card information or worse.

But it doesn’t have to be this way.

Don’t let these criminals dampen your holiday fun. Here are our top online shopping cybersecurity tips to help keep you safe.

Make sure you’re buying from a real online address.

Hackers LOVE to create bogus shopping websites to trick you. And some of these fake websites can infect your device the moment you arrive on them.

But that’s not the most dangerous aspect. The biggest area of concern is the checkout page.

When you complete the checkout process on a bogus website, you are giving the hacker your credit card information, name, and address. This opens you up to identity theft, credit card fraud, and future cybersecurity attacks.

How to spot a bogus website:

  • Before you visit a website, double-check the URL. Don’t visit a site that uses a strange URL, like “”.
  • Do the descriptions sound off? Any self-respecting online shop will have professional product descriptions.
  • Are the prices ridiculously low? If it’s too good to be true, it’s probably a bogus website.
  • Does it have a horrible design? If it looks like it belongs in the early 00s, run away!

Only shop on secure websites.

Before you click “purchase”, make sure you are shopping on a site with an SSL (secure sockets layer) certificate.  An SSL is a standard security technology for establishing an encrypted link between a server and a viewer.

To know if a website has an SSL, the site’s URL should start with https://, and there should be a lock symbol in the address bar 🔒.

Use antivirus protection on your device.

One of the most common tips on how to be safe online is to use good, quality antivirus software. Granted, it will not block everything. But antivirus software will keep you safe against known malware.

Keep your browser, antivirus software, and operating system up to date.

A tale as old as time (or at least Internet-time)…unpatched or non-updated software is a frequent cause of malware infections. Why? Because updates help protect against the latest threat.

So, make sure you keep your browser, antivirus software, and operating system up to date before online shopping.

Keep an eye on your bank account.

Malicious hackers want your credit card data, and online stores are great places for them to get their hands on that information.

Sadly, no company, no matter how big, is invulnerable to cyberattacks. Companies get hacked all the time. So, even if you did everything right, your credit card information could still get leaked.

For this reason, we urge you to periodically review your bank account and check up on any suspicious activity. Most bank accounts and credit cards have alerts that you can have sent to your phone or email telling you of large purchases or other activity. Be sure to turn these features on.

Keep your shopping accounts secure with a password manager.

Most online stores want you to create an account before purchasing an item. It’s easy to use the same password for every online store. But I urge you to NOT do that, and instead, get a password manager.

A password manager will not only help you generate a strong password, but it’ll also store it in your personal password vault. Not only that, but a password manager will simplify and secure your login process.

Our new acquisition, MRW Systems, has a fantastic blog post about everything you need to know about password managers. To learn more, follow this link.

Don’t fall for phishing emails.

Phishing attacks are fraudulent communications that appear to come from a reputable source. The goal of a phishing attack is to steal sensitive data, like credit card and login information, or to install malware on the victim’s machine.

The best defense against phishing attacks is end-user education and a comprehensive spam filter. Unfortunately, some phishing emails will make it to your inbox even with top-tier protection.

Here are some tips on spotting a phishing email:

  • Who is the real sender? Make sure the sender’s name in the “From” field matches the address between the brackets. If it’s a legitimate company, the sender should not be using a public account, like Gmail, Yahoo, etc.
  • Check the greeting. Phishing emails will often address the receiver as “valued customer” or something similar. Remember, if this email is real, the sender should have your correct information on file.
  • Use your mouse hover. Hackers use fake sites to steal your information. Hover over an email link to see the full URL it will direct you to. Do NOT click the link. If the address isn’t where you’d expect to go, don’t click it.
  • What do they want? Legitimate companies will never ask for personal credentials via email. You should never email your Social Security number, passwords, or other sensitive information.
  • When in doubt, don’t click. If you do not know whether an email is real or fake, don’t click it.

Use a credit card, not a debit card.

Credit cards have extra legal defenses built in that make them safer to buy stuff with than debit cards. With a credit card, you aren’t liable if someone makes fraudulent credit card transactions.

On top of that, credit cards give you more leverage when it comes to disputing transactions with the seller.

Shop at websites you trust.

And to close out our holiday online shopping security tips, play it safe. Only shop at places you know and trust.

If you aren’t familiar with a company, do some research to make sure they are a legit company. The Better Business Bureau is a great place to start said research.


Enjoy your holiday shopping, but stay safe out there!


Request A Free Consultation

  • Hidden
  • This field is for validation purposes and should be left unchanged.