Skip to main contentSkip to main content
You have permission to edit this article.
Edit
spotlight

Shopping online this holiday season? Here's how you can protect yourself

  • 0

Cyber Monday is here, and while millions of Americans will be looking for the best deals the internet has to offer, cyber criminals will be hard at work looking to target online shoppers.

The holiday shopping season is a prime opportunity for bad actors to take advantage of unsuspecting shoppers through fake websites, malicious links, and even fake charities. Their goal is simple: get a hold of your personal and financial information to compromise your data, insert malicious software, steal your identity and take your money.

And if you think you're not worth being the target of such bad actors, think again. Criminals don't need to know how much is in your bank account to want to get into it. Your identity, your financial data, what's in your email -- it's all valuable, and cyber criminals will cast as wide a net as possible to get to anyone they can. In fact, they're counting on you to think thinking you're not a target.

At the Cybersecurity and Infrastructure Security Agency (CISA) we've put together a few easy steps to help prevent you from becoming a victim of cyber-crime this holiday season.

Start by protecting your devices

Mobile phones, computers, and tablets all ask you to install software updates, which include the latest security features and patches. Protect your devices by downloading the latest software updates. The easiest way to do this is to enable automatic updates.

Next, take a look at your online accounts and make sure they have strong passwords. Believe it or not, the most common password is "password" followed by "123456." Make sure you use different and complex passwords for each account. Consider using a password manager so you don't have to remember the complex alphanumeric combinations that make passwords harder to crack.

Turn on multi-factor authentication

The most important thing you can do to protect your online accounts is to implement multi-factor authentication. Your email, your online bank, social media accounts should all allow you to turn on multi-factor authentication. This means they'll use an additional piece of information to verify your identity. It can be something as simple as receiving a code via text message, but for even greater security, you can use a security key or authenticator app.

The bottom line with multi-factor authentication is that even if an attacker obtains your password, they may not be able to access your account. This extra step alone makes you 99% less likely to get hacked.

Shopping online this holiday season? Why you need to protect yourself

While millions of Americans will be looking for the best deals the internet has to offer, cyber criminals will be hard at work looking to target online shoppers.

Know how to spot phishing scams

Most of us receive emails from retailers about special offers during the holidays. Cyber criminals will often send phishing emails that are designed to look like they're from retailers but are actually designed to steal your information or infect your system with malware.

To avoid being a victim of a phishing scam, don't click links or download attachments unless you're confident of where they came from. If you're unsure if an email is legitimate, type the URL of the retailer or other company into your web browser as opposed to clicking the link.

Never provide your password, or personal or financial information in response to an unsolicited email. Legitimate businesses will not email you asking for this information. If you receive a suspicious email that you think may be a phishing scam, you can report it at us-cert.gov/report-phishing.

Trust your instincts! If it looks suspicious, it probably is. That's why before providing any personal or financial information, make sure you are interacting with an actual vendor.

Always use safe methods for purchases.

Always assume a public Wi-Fi network isn't secure, and therefore don't access sensitive personal or financial information if you need to use one. Look for "https" (versus just "http") in the subject line of a web address to confirm that a site is encrypted and keep your browser and security software up to date.

If you can, use a credit card as opposed to a debit card when making a purchase. Criminals can use debit cards to steal directly from your bank account, and while there are laws to limit your liability for fraudulent credit card charges you may not have the same level of protection for your debit cards and your bank account.

Since you'll likely make more purchases over the holiday season, be sure to check your credit card and bank statements frequently for any fraudulent charges. Immediately notify your bank or financial institution and local law enforcement if you see suspicious charges.

Ultimately, good cybersecurity is not about technology — it's about people

Your cyber safety should be treated like your physical safety. Stay vigilant, take the above steps to protect yourself, and trust your instincts. If you see something that doesn't look right, there's a good chance it isn't.

***

Watch Now: How to avoid gift card scams, and more videos to improve your life

Here are some ways you can avoid gift card scams over the holiday season, what to remember about building credit, and more videos to improve your life.

Be the first to know

* I understand and agree that registration on or use of this site constitutes agreement to its user agreement and privacy policy.

Related to this story

Most Popular

Hyundai Motor Group officials confirmed Friday the company will spend $5.5 billion on a huge electric vehicle plant near Savannah that will employ thousands _ a deal Georgia’s governor called the largest economic development project in the state’s history. Hyundai Motor Group CEO Jaehoon Chang made the announcement with Gov. Brian Kemp at the site of the future factory in Bryan County, where state and local officials purchased a flat, sprawling tract for $61 million last year in hopes of luring a major manufacturer. Hyundai said it plans to employ at least 8,100 workers at the Georgia plant, where it will assemble electric vehicles as well as vehicle batteries.

The U.S. government’s road safety agency has dispatched a team to investigate the possibility that a Tesla involved in a California crash that killed three people was operating on a partially automated driving system. The National Highway Traffic Safety Administration on Wednesday confirmed that it had sent a special crash investigation team to probe the May 12 crash on the Pacific Coast Highway in Newport Beach. The investigation is part of a larger inquiry by the agency into crashes involving advanced driver assistance systems such as Tesla’s Autopilot. Since 2016, the agency has sent teams to 34 crashes in which the systems were either in use or suspected of operating. According to a NHTSA document released Wednesday, of the 34, 28 involved Teslas.

Canada says wireless carriers in the country won’t be allowed to install Huawei equipment in their high-speed 5G networks. In announcing the decision Thursday, Canada joined the U.S. and other allies that previously banned the giant Chinese technology company. The U.S. government has been lobbying allies for years to exclude Huawei from new ultra-fast 5G mobile networks over worries that China’s Communist rulers could compel the company to help with cyberespionage. The U.S. has warned that it will reconsider intelligence sharing with any countries that use Huawei gear. The company has repeatedly denied the allegations.

Network TV’s fondness for reality fare and reboots combine in “The Real Love Boat,” a sea-going dating show that’s part of the CBS fall schedule announced Wednesday. Described as a “romance adventure competition,” the series credits as its inspiration the popular and kitschy comedy-drama “The Love Boat,” which aired from 1977-86 on ABC. “The Real Love Boat” will follow returning shows “Survivor” and “The Amazing Race” on Wednesday this fall, a rare all-reality night for CBS. The network is also launching three new scripted series. There's a police drama, “East New York”; “Fire Country,” about a convict-firefighter, and a legal comedy-drama, “So Help Me Todd."

The United States and Britain are accusing Russia of spreading disinformation online and manipulating public opinion about the war in Ukraine. The two countries vehemently rejecting Russian claims that the West is aiming to control all information flows and define what is true or untrue. Britain’s deputy ambassador James Roscoe told a U.N. Security Council meeting on the use of digital technologies in maintaining peace that Russia has conducted cyber-attacks and used “an online troll factory to spread disinformation and manipulate public opinion about their war.”  U.S. Ambassador Linda Thomas-Greenfield says the Russian government continues to “censor content” and "intimidate and arrest journalists for reporting the truth about its invasion.”

Two high-level speakers at the World Economic Forum gathering say Afghanistan’s most urgent need is saving its economy from complete collapse. U.N. Development Program administrator Achim Steiner said Monday in Davos that “we cannot abandon 40 million Afghans simply on the principle of moral outrage.” The Taliban’s takeover of Afghanistan nine months ago and the hasty U.S. withdrawal of its troops triggered economic fallout. Some argue that aid to Afghanistan should be made conditional to ensure the protection of women’s rights. Pakistani Minister of State for Foreign Affairs Hina Rabbani Khar says that while her country views Taliban curbs to women’s rights as a threat, she asked what would happen to Afghans “in order to appease our conscience.”

Stocks wavered in afternoon trading on Wall Street Thursday as persistently high inflation continues to weigh on the economy and keeps major indexes mired in a deep slump. The S&P 500, the benchmark for many index funds, slipped 0.3%. It's down roughly 18% from the record high it set early this year, nearly at the 20% point that defines a bear market. Investors are worrying that the soaring inflation that's hurting people shopping for groceries and filling their cars up is also walloping company profits. Target fell again, a day after losing a quarter of its value on a surprisingly large drop in profits.

President Joe Biden tended to both business and security interests as he wrapped up a three-day visit to South Korea on Sunday. Biden showcased Hyundai's pledge to invest at least $10 billion in electric vehicles and related technologies in the United States. He also visited Osan Air Base, where thousands of U.S. and South Korean service members monitor the rapidly evolving North Korean nuclear threat. Biden says the U.S. is ready for any provocation that North Korean leader Kim Jong Un might deliver while Biden is touring the region. Japan is the next stop on Biden's trip to Asia.

Ukrainian guerrilla fighters reportedly have killed several high-ranking Russian officers in the southern city of Melitopol. That information comes from the regional administration on Telegram. Russian forces have occupied the city since early in the war. According to the regional administration, the occupiers are trying to conceal the situation but Russian troops were more actively checking private cars in the city Tuesday, most likely looking for the guerrillas.” No details of the killings were given and the report could not immediately be confirmed. Throughout the war, the Ukrainians have claimed to have killed many Russian generals and other officers. A few of the deaths have been confirmed by the Russians.

President Volodymyr Zelenskyy devoted his nightly video address to Ukraine’s demand that Russia be held financially responsible for the damage its forces are inflicting on Ukraine. Just on Friday, he noted, the Russian army fired a missile at the northeastern Kharkiv region, destroying a cultural center in Lozova, and also hit the cities of Odesa in the south, Poltava in the east and Zhytomyr in the west. Zelenskyy said Russia should pay for every home, school, hospital and business it destroys. He said a legal mechanism should be created through which everyone who suffered from Russia’s actions could be compensated.