With the mad Christmas shopping season not far away, don’t forget to stay safe online during this time of year. Being prepared can save you from a financial or privacy nightmare.

Here are some of the most critical safety tips to improve your online holiday shopping.

Check For Updates Before You Shop

All devices (including computers, phones and tablets) that haven’t been updated are vulnerable. Like most people, you may not want to wait for a 10-minute system update, but it is going to keep you more secure.

Hackers often use vulnerabilities found in devices to access systems. Updates will  patch all known vulnerabilities, and thus reduce your risk. Make sure to install all updates immediately to help secure your systems.

Double Check the Site URL

We all make typos from time to time, especially when typing and one small typo can land you on a copycat site (such as Amazonn(dot)com).

Criminals purchase domains that are close to the real ones for popular retailers and then try and fool users to enter their private details on these sites

Take those extra few seconds to double-check that you have gone to the correct website.

Make Sure the Site Is Secure (check for HTTPS)

Secure browsing is the norm now so check out if the website is using HTTPS instead of  HTTP  (ie no S on the end). HTTPS means that a website encrypts all data to and from the site. You should NEVER shop on a website that doesn’t use HTTPS in the address bar. Another indicator for a secure site is a small lock icon in front of the website address.

Remove Any Saved Payment Details After Checking Out

There are many websites (including big ones like Amazon) that automatically save your payment card details. It may make your next purchase more convenient, but it puts you at a much higher risk. A hacker with access to your device or account could make purchases or a data breach of the retailer will create a data leak containing your payment details.

The fewer databases you allow to store your payment details, the better for your security. Thus, during the ordering make sure you don’t select the save payment option and if it is already saved, remove your payment card from the site – you may need to go to your account settings to do this.

Do Not Click On Links In Emails

It may be annoying to have to type in “amazon.com” rather than just clicking a link in an email, but it won’t be as annoying as having your credit card details stolen! Phishing scams are at an all-time high and if you click on an email link to a malicious site, it can start an auto download of malware and capture passwords and payment details that you enter.

It is best to be sure and avoid clicking links by entering in the website URL directly. If you want to make things easier, save the sites you frequently use as bookmarks in your browser. This is much safer than clicking a text or email link.

Use a Wallet App Where Possible

It is always a risk when you enter your debit or credit card on a website. The risk is even higher when you are on a new website. Where possible, buy using a wallet app or PayPal. This will eliminate the need to give your payment card details directly to the website. Instead, you share them with the wallet app service provider (Apple Pay, Google Pay, PayPal, etc.) and the retailer does not see them.

Never Shop When On A Public Wi-Fi Network

You need to treat all public wireless networks as insecure as people who control the network as well as other users on the network may be scanning all traffic. They can see everything you type in and as such passwords and credit card information is unsecured.
Never shop online when you are connected to a public network. Instead, switch to your mobile carrier’s connection.

Enable Alerts & Regularly Check Your Account

Regularly check your account and look for any suspicious charges that could signal a breach. See if you can set up banking alerts through your online banking app or by contacting your bank.

Depending on your bank you may be able to setup alerts or block actions such as:

• When a purchase occurs over a specified amount.
• When a purchase occurs from specific countries.
• Where an purchase occurs from a specific retailer (ie adult material, gambling or alcohol).

Be On High Alert for Brand Impersonation Emails & Texts

Phishing scammers were very active during the holiday shopping season of 2021 and there was a 397% increase in typo-squatting domains connected to phishing attacks!
While you need to be careful all the time about phishing, it is even worse during the holiday season. Attackers know that people are expecting retailer holiday sales emails and use this knowledge to prey on the unsuspecting.

Hackers impersonate brands like Amazon, eBay and others and tailor their emails to look nearly identical to the real thing. They then trick you to click and/or log in to a malicious website.

Be on high alert for brand impersonation emails. This is another reason why it is always more secure to go directly to a site, rather than clicking a link in an email or SMS.

Malware is often deployed in holiday shopping scams. How secure are your devices from malicious apps and malware? Contact DP Computing today for a security check-up.