8 Tips to Stay Cybersafe during the Holidays

Keep the holidays bright by following these best practices.

Originally published December 1, 2021

Shopping online for the holidays has become the norm  as we enjoy searching for gifts for loved ones from the comfort of our own home. In fact, by 2024 e-commerce growth is expected to grow by 9.4 per cent and is forecasted to hit a staggering $8 trillion by 2027.

But with online shopping comes online security, and in the holiday rush, it can be difficult to keep security of your personal information top of mind. And while cyber attacks can happen any time of the year, they tend to increase during the holidays; with some sources reporting a 200 per cent spike in cyber attacks on e-commerce sites as we approach the holiday season.

Before you look for your next online sale, follow these tips to stay cybersafe and protect your personal information.

1. Look out for fake online shops
Cybercriminals get better at what they do every day, and telling a legitimate site apart from a fraudulent one is not as easy as it used to be. Many fake sites pop up around the holiday season that use the same logo, style and layout of trusted websites. However, rather than give you the amazing discounts they promise, these sites compromise your personal information instead. 

2. Don’t get caught by charity phishing scams
Many people feel charitable this time of year and will gladly donate to a good cause. But cybercriminals know this and will try to take advantage of that good will. They may send emails from a fake charity asking for donations or send emails that appear to come from a legitimate charity but really link to malware or a scam site.

If you want to donate to charity, do so by contacting the charity directly or going straight to their website.

3. Watch for fake delivery emails
It’s easy to lose track of what you ordered online and many cybercriminals will count on that holiday confusion to send phishing emails that imitate legitimate delivery companies. They may send you an email that asks you to click a link to confirm delivery or track your package, but it’s really a link to download malware or go to a scam site where they’ll attempt to steal your personal information.

If you get one of these emails, always check the sender’s email address to ensure that it’s legitimate. If you still have doubts, go to the company’s website to track your package instead. 

4. Be on the lookout for social media scams
Sometimes our Facebook friends will share a post about a huge sale from a well-known, high-quality brand. The language is typically urgent and promises huge discounts if you act now: “Just found Oakley sunglasses for $29.99!!! Get yours at www.oakley.suspiciouslink.com.”

However, these are not legitimate deals. Many of these posts are from compromised social media accounts and your friend may not even be aware of it. Don’t click the links in any of these offers because it may take you to phishing sites or malware. If you know the person who posted the “deal,” let them know their account may have been compromised. 

5. Don’t click on pop-up ads or coupons
While you’re browsing for a product, pop-up ads often appear promising steep discounts on all your favourite products. However, many of these pop-ups contain fake coupons, take you to malicious sites, or make you vulnerable to a cyberattack.

If an ad for an amazing deal pops up while you’re browsing, don’t click on it. Just hit the “x” and continue browsing sites you know are legitimate.

6. Be wary of spam texts
Our email filters are pretty good at catching spam, but our smartphones haven’t quite caught up. Many fraudsters will send mass texts promising big discounts on high-quality brands, often written in urgent language, poor grammar and with an abundance of emojis and punctuation.

If you get a message like this, do not reply to it because you will be alerting the sender that your phone number is active. The best action is to ignore and delete, and if your phone gives you the option, mark it as junk.

7. Review your credit card statements
When shopping online, or using your credit card for any online activity, make it a habit to review your credit card statements regularly. This will allow you to spot discrepancies and unusual or unauthorized charges quickly. If you find suspicious activity, report it to your credit card company and financial institution immediately. It’s also recommended that you set up notifications to inform you of any transactions or changes to your bank accounts.

8. Avoid public Wi-Fi and computers when online shopping
Since public Wi-Fi doesn’t require authentication, anyone can access it, including cyber criminals. They can put themselves between you and the connection point, gaining access to the data you’re sending into the hotspot. If you have to use public Wi-Fi, activate a Virtual Private Network (VPN) for that extra layer of protection, as it hides your IP address and activities.

For these same reasons, it’s best not to use public computers when shopping online, transacting with your credit card or logging into your personal accounts.


Check out more tips for keeping your information secure on the University of Alberta’s Chief Information Security Officer website.