Starting in early November, pre-holiday-season email campaigns were already starting to hit my inbox. The National Retail Federation’s survey on the holiday shopping season, which includes Black Friday and Cyber Monday, shows an estimated increase of up to 4.8% in spending this year compared with 2017. The majority of consumers surveyed, 55%, stated they will shop online—equaling the number intending to shop in department stores.
As shopping moves online, it’s also getting more mobile: mobile web and in-app purchases now account for 61% of online transactions, leaving just 39% of online shoppers using desktop devices, according to data from Criteo’s Global Commerce Review.
Cybercriminals also seek to take advantage of this shift to online shopping and grab the opportunity to make more money with fraudulent phishing emails, scams and fake websites. With the ever-increasing number of data breaches exposing your personal information and payment card data, it’s never been more important to stay vigilant. Below are 9 tips to staying safe when shopping online this holiday season:
1. Shop with retailers you recognize. If you see an offer in a promotional email or in search results that is too good to be true, then it probably is. Finding an item from an unrecognized vendor with the best price and immediate shipping is cause for concern. Limit your online shopping to websites of online retailers that you recognize and trust.
2. Look for the padlock and, on a desktop device, the https:// at the beginning of the website address. These indicate that communication between you and the site is encrypted and any data you send can’t be seen by anyone intercepting the traffic.
3. Don’t make purchases while using public Wi-Fi networks. They are indeed “public.” Hackers can lurk on public networks and intercept traffic or redirect you to sites that may look like the one you expected but are fake. Also, in public places, someone can look over your shoulder and copy your password and account information as you type it in.
If you need to make a purchase when not at a secure Wi-Fi location (such as your home), utilize your cell phone’s mobile network—not a public Wi-Fi hotspot. Using your cell phone’s mobile network provides a private internet connection.
4. Use secure payment services like Apple Pay, Android Pay, PayPal or other trusted payment methods. Never use a debit or credit card that is linked to your primary bank account. If you are using a credit card, make sure it has a low spending limit to reduce the risk of fraud.
5. Be cautious of email offers. Cybercriminals can create elaborate phishing campaigns that look like those of a trusted brand but actually take you to a fake site. Instead, open a browser and type in the website address yourself.
6. Never over-share personal data. If you don’t purchase often from a retailer, check out as a guest rather than creating an account. Reducing the number of people storing your data will help reduce your risk of being affected by a breach. Limit shared data to the essentials—it’s unlikely a site needs your SSN, so don’t include it.
7. If you do create an account, protect it with two-step authentication. This ensures that in addition to requiring a password, the company will text a code to you to verify your identity.
8. Review bank and credit card statements to ensure your account has not been compromised. You can also “opt in” to smartphone notifications of transactions.
9. Keep your devices up to date and have security software installed and fully operational. Software updates fix known vulnerabilities, so be sure to install them when prompted.
