Top 10 Must-Know Security Tips to Avoid Holiday Online Shopping Scams

Hackers, phishers and fraudsters are rubbing their hands with glee as the festive season moves into top gear. Holiday time means spending more time online, whether it's just idle browsing or shopping for gifts. During the holiday season, there is always an increase in the activities of cyberthieves and you must take precautions to make sure the hacker "Grinch" does not steal your joy.

The jump in online traffic will no doubt be abused by malicious cyber crooks looking to illegally obtain the identities of unsuspecting online shoppers and steal their cash. Learning common phishing tactics and how cyber criminals steal your information is a good way of arming yourself and avoiding becoming the next victim this holiday season. Be aware of common red flags associated with potential phishing attacks. These may include suspicious URLs, misspellings and urgent requests for banking or personal information.

To stay safe online, we are sharing our top 10 essential security tips to keep you safe from holiday hacks. These tips will help you in your endeavor of shopping online not only during this holiday season but anytime that you use the internet.

  1. Stay focused on what you are looking for online and do not stray.

    Tempting offers will arrive in your e-mail inbox, but most times something will look out of place. Don't click on the links, especially if they're not from a well known vendor or organization. If in doubt, navigate to the website yourself to avoid scams and validate the offer from the organization.

  2. Benefit from the use of SSL Standards.

    Secure Sockets Layers (SSL) ensures that Internet transmissions are encrypted and the identity of the organization is verified. Consumers can verify if a site uses SSL via the "https://" in the address bar instead of the standard "http" format.

  3. Update your web browser software.

    If you're using a new or old computer, make sure you're using today's most advanced browsers. These will feature more advanced anti-phishing tools (e.g., EV SSL) than older browsers and will make it easier for you to stay safe while surfing the Net. By updating your web browser application, it will ensure that you have implemented the latest security features to avoid attacks that could lead to online identity theft.

  4. Find the golden lock or green bar on your web browser.

    Consumers should become familiar with the gold padlock on their browser, especially during the checkout process or when supplying personal information. This indicator should also be present when "https://" is displayed before a site's URL in the address bar. Some online retailers have even deployed advanced EV SSL (the highest level of security on the Web today). EV SSL turns most browsers' address bars green during secure transactions. Double-click the gold padlock and you will be able to verify the company name before the transaction is completed.

  5. Closely monitor your personal accounts.

    Keep a closer eye on your bank account during the festive season, particularly after purchasing products online. If your identity has been compromised, you may be able to limit your losses if the hack is identified early. Contact your credit card company or bank immediately if you suspect that your information was compromised of you have fraudulent charges on your account.

  6. Look for site credentials or accreditations.

    Respectable organizations will display an original site seal of their SSL certificate provider on their home page or during the checkout process. Click on the site seal to ensure its legitimate. Verify that the date and name of the organization are consistent with the website.

  7. Be Wi-Fi weary.

    It is best to avoid online transactions when connected to a public Wi-Fi. You never know who's listening in. Public Wi-Fi's are usually unlocked and open allowing any attacker to gain access to personal information or online transactions when connected to the same public network.

  8. Secure your purchases made with a credit card.

    Most online retailers require the three-digit Card Verification Value (CVV or CV2) number from your credit card. If they don't ask for it, do not complete the purchase. Take advantage of any built-in security features of your credit card. Check with your credit card company or banking institution to see if you have any extra security features offered with your account.

  9. Beware of browser plugins.

    The offer of a free toolbar for your browser may sometimes be too good to be true, but make sure you know who is providing the plugins and that they're not just a clever disguise for something malicious. Download and install browser add-ons or plugins from reputable sources such as the web browser company ie: for Firefox addons.

  10. Use logout logic.

    Be sure to log out of any websites that store personal account, banking information or your username and password. This is critical when using a public computer. It is recommended that a public computer not be used to log into personal accounts if you can help it.

As always, use common sense this holiday season. Many unscrupulous activities or unfortunate financial incidents happen due to negligence or the lack of taking the necessary steps to protect your personal information. Not only is it important to guard yourself online but also in the physical world. One notion in the physical world to take note of is, if you cannot find your credit card, then assume that it is lost and report it immediately. Be safe and have a happy holiday.


  • Toby Galino:

    Numbers 2, 3 and 4 are most crucial. Upgrading a browser is easy to neglect, and the irony is that most of the updates are "security related." Most banks and ecommerce sites have implemented Extended Validation SSL, so the URL turns green when you're logged in -- making it easier to spot phishing attempts, etc. Online phishing attempts can lead to some serious hardship if mistaken for the real thing, so I try to always take look at the website name for any added characters as well as the green URL which ensures I'm logged in via EV.

  • shopping store :

    Great tips. I'd like to add a couple. There's a trend now of certain merchants asking for photo copies of IDs. DO NOT DO IT. I needed to rent a wheel chair for my father recently and the company wanted to make a copy of my drivers license. Nope, I went elsewhere. And last week, my wife's bank wanted her to bring in a copy of my drivers license "just to have on file for checks I write to her from my business". Nope. She has had her account at this bank for 20 years and knows everyone who works there. I refused to allow her to make a copy of my license. Better to change banks---the service at B of A isn't that great anyway. And wouldn't a signature card suffice? Did they really need a copy of my drivers license? I don't think so. Remember, just because you are in a nice store or restaurant, doesn't mean your credit information is safe. There are a lot of people working in these places and the histories of many would scare the heck out of most people.

  • nike outlet:

    Online phishing attempts can lead to some serious hardship if mistaken for the real thing, so I try to always take look at the website name for any added characters as well as the green URL which ensures I’m logged in via EV.