10 Tips to Stay Cybersafe during the Holidays

The holidays are a frantic time. Between balancing relatives, parties, and a mile-long wish list, more and more people are turning to online shopping to get their loved ones' gifts. But with online shopping comes online security, and in the holiday rush, it can be difficult to keep cybersecurity top of mind.

Before you venture out for your next online sale, follow these tips to stay cybersafe.

1.) Look out for fake online shops

Cybercriminals get better at what they do every day, and telling a legitimate site apart from a fraudulent one is not as easy as it used to be. Many fake sites pop up around the holiday season that use the same logo, style, and layout of trusted websites. However, rather than give you the amazing discounts they promise, these sites compromise your personal information instead.

To avoid getting scammed by a fake site:

  • Ensure the domain name is correct. If you're looking for a new Kate Spade purse, make sure you're shopping on www.katespade.com, not www.trendystyle.com.
  • Watch for spelling and grammar mistakes. Legitimate organizations have professional communicators and marketing companies working for them, so grammatical errors are rare.
  • Be skeptical if a deal seems too good to be true. It's very unlikely that Ray-Ban will offer a 90% discount on its products, so if you're on a site that offers those prices, it may be a scam.
  • Look up online reviews of the site. If you search for the site and it is a scam, there will likely be warnings from other people.
  • Make sure the website you're on begins with https, not http. The "s" ensures that any data sent over that connection is encrypted and cannot be read by hackers.
  • If in doubt, call the vendor and verify they are legitimate. If the site you're on doesn't have a contact number, that may be a red flag that it's fraudulent.

2.) Don't get caught by charity phishing scams

Many people feel charitable this time of year and will gladly donate to a good cause. But cybercriminals know this and will try to take advantage of that good will. They may send emails from a fake charity asking for donations, or send emails that seem to come from a legitimate charity but really link to malware or a scam site.

If you want to donate to charity, do so by contacting the charity directly or going straight to their website.

3.) Be careful with online wish lists

Online wish lists allow you to post what gifts you want online and share that with family and friends. Convenient - but also easy to compromise. Cybercriminals can target these sites to get your personal information, making you vulnerable to identity theft. They can also use items on your wish list to target you for phishing emails.

If you do use an online wish list, ensure that you have the privacy settings as high as possible.

4.) Watch for fake delivery emails

It's easy to lose track of what you ordered online, and many cybercriminals will count on that confusion to send phishing emails that imitate legitimate delivery companies. They'll send you an email that asks you to click a link to confirm delivery, but it's really a link to download malware or go to a scam site where they'll attempt to steal your personal information.

If you get one of these emails, always check the sender's email address to ensure that it's legitimate. If you still have doubts, go to the company's website to track your package instead.

5.) Be on the lookout for social media scams

Sometimes our Facebook friends will share a post about a huge sale from a well-known, high-quality brand. The language is typically urgent and promises huge discounts if you act now: "Just found Oakley sunglasses for $29.99!!! Get yours at www.suspiciouslink.com"

However, these are not legitimate deals. Many of these posts are from compromised social media accounts, and your friend may not even be aware of it. Don't click the links in any of these offers because it may take you to phishing sites or malware. If you know the person who posted the "deal," let them know their account may have been compromised.

6.) Don't click on pop-up ads or coupons

While you're browsing for a product, pop-up ads often appear promising steep discounts on all your favourite products. However, many of these pop-ups contain fake coupons, take you to malicious sites, or open you up to cyberattack.

If an ad for an amazing deal pops up while you're browsing, don't click on it. Just hit the "x" and continue to sites you know are legitimate.

7.) Keep an eye on QR codes

QR codes are two-dimensional matrix barcodes that are readable by smartphones. When scanned, QR codes can contain information, coupons, links to websites, or other product marketing materials. Unfortunately, anyone can make a QR code, and some cybercriminals have started creating codes that link to phishing or malware sites. They then print those codes on stickers and put them overtop of legitimate QR codes.

If you come across a QR code, double-check that it has not been tampered with before you scan it.

8.) Be wary of spam texts

Our email filters are pretty good at catching spam, but our smartphones haven't quite caught up. Many fraudsters will send mass texts promising big discounts on high-quality brands, often written in urgent language, poor grammar, and with an abundance of emojis and punctuation.

If you get a message like this, do not reply to it because you will be alerting the sender that your phone number is active. The best action is to ignore and delete, and if your phone gives you the option, mark it as junk.

9.) Avoid shopping on public WiFi

Public WiFi is convenient, but it's also insecure. Anyone can gain access to a public network to compromise your Internet traffic, monitor your activity, and steal your personal information.

If you have to use public WiFi, avoid sharing any personal information while you're connected to that network. Save your online shopping for when you're home and on a secure WiFi connection.

10.) Update, patch, and tighten cybersecurity before shopping online

While there are some risks to shopping online, they can be mitigated by being aware, staying vigilant, and taking necessary precautions.

Before you buy something online, make sure that the operating system and software on your computer are up-to-date. Download a cybersecurity program if you don't already have one. And if you're shopping online through mobile instead of desktop, ensure that your phone has all the latest updates and is running a cybersecurity program.