How To Protect Yourself When Holiday Shopping Online

online shopping

Online shopping continues to get better and better for Canadian consumers. Unfortunately, the ease and convenience of online shopping makes the holiday season the perfect time for cyber-criminals to commit fraud and steal information from unsuspecting online shoppers. Three common ways that attackers take advantage of online shoppers are:

  • Creating fraudulent sites and email messages

  • Intercepting insecure transactions

  • Targeting vulnerable computers

Fortunately, many cyber-threats are avoidable. When you shop in person, it's habit to bring reusable bags, lock the car, and put away your cash or credit card when you’re done with your purchase. Similar habits can protect you, your purchases, and your identity when you're shopping online during the holiday season and year-round:

  1. Shop reliable websites, and get there safely. If an offer sounds too good to be true, it probably is! Don't be fooled by the lure of great discounts by less-than-reputable websites or unknown sellers. Use the sites of retailers you know and trust, and get to their sites by directly typing a known, trusted URL into the address bar instead of clicking on a link.

  2. Beware of seasonal scams. Fake package tracking emails, fake e-cards, fake charity donation scams, and emails requesting that you confirm purchase information are particularly common this time of year. Again, use known, trusted URLs instead of clicking on links.

  3. Conduct research. There are a lot of fake and malicious companies out there this time of year. When considering a new website or online company for your holiday purchases, read reviews and see if other customers have had positive or negative experiences with them. Also verify the website has a legitimate mailing address and a phone number for sales or support-related questions. If the site looks suspicious, call and speak to a human.

  4. Always think twice before clicking on links or opening attachments -- even if they appear to be from people you know, legitimate organizations, your favorite retailers, or even your bank. Messages can easily be faked. Once again use known, trusted URLs instead of clicking on links. And only open known, expected attachments. When in doubt, throw it out!

  5. Keep clean machines! Before searching for that perfect gift, make sure your device, apps, browser, and anti-virus/anti-malware software are patched and up to date. Consider using a VPN when purchasing online, and never make purchases using public WIFI.

  6. Protect your passwords. Make them long and strong, never reveal them to anyone, and use multi-factor authentication (MFA, also called two-factor or 2-step authentication) wherever possible. Google Authenticator is one to check out.

  7. Look for https:// (not http) in the address bar before using your credit card online. The 's' tells you the web page has privacy protection installed and will mask any data shared. Ensure the lock symbol is present as well. If there isn't, use caution and consider using apple or google pay as an extra layer of security.

  8. Check your credit card and bank statements regularly. These are often the first indicators that your account information or identity has been stolen. If there is a discrepancy, report it immediately.

    • Stay safe with text alerts. Most banking apps and sites provide the option to set alerts, such as a text message for every transaction over a specified dollar amount or a daily text summary of your current balance. Set these alerts and use them to spot signs of unusual activity.

    • Also check your credit report at least annually. Both Equifax and TransUnion have free reports, if not heavily advertised.

Online shopping doesn't have to be scary. Using caution and being cyber security savvy can keep you safe while shopping online.

Happy Holidays!