News & Events

9 Tips to Keep Your Money Safe During Online Holiday Shopping (and Always)

Holiday shopping season is upon us and each year consumers lose billions of dollars from stolen payment card information.

Cybercriminals feast on the online shopping frenzy. Be prepared with these tips to keeping your hard-earned money safe this holiday season.

1. Use a Credit Card, Not a Debit Card

Using a debit card takes money directly from your bank account. Credit cards limit your liability for fraud or unauthorized use. When fraud occurs, you can retrieve your losses by disputing the charges with your credit card provider.

2. Online Payment Services

If allowed, use intermediary payment services like Google Pay, Apple Pay, or PayPal for purchases. These payment services make it so merchants are not directly given your credit card information.

3. Don’t Store Your Card Information on a Website

When a website asks if it should “remember” your payment card information, the correct answer is “no.” This feature is convenient, but it leaves you vulnerable if someone gains access to your account. The last thing you want is someone to access your account and “one-click” shop using your stored card information.

4. Frequently Monitor Account Activity

Regularly log in to your financial accounts to keep tabs on your account activity. If you notice anything questionable, report it right away.

5. Look for http “s” Before Purchasing

Not all sites are safe and secure. Ensure the site you are visiting is secure before purchasing by looking for the “https://” in the browser’s address bar. The “s” stands for secure and should appear on all web pages that require disclosing financial information.

6. Read the Reviews

Before you click “confirm purchase,” take the time to consider the reviews of a product to ensure the merchant and the merchandise are legitimate. If you feel a deal is too good to be true, it probably is. Scammers entice consumers with severely discounted prices to capture their financial information.

7. Be Wary of Emails or Texts Requesting Information

More and more attackers are trying to steal private information by sending emails or texts requesting that you confirm a purchase or account information. Legitimate businesses will not solicit sensitive information this way.

As a general rule, do not provide sensitive information through email or text and never click on links you receive out of the blue.

Directly contact the company that appears to have messaged you, rather than replying to the text or email.

8. Be Careful of Faked Websites

Scammers set up fake URLs that are just a letter or two off from popular sites. Users who normally type quickly and rely heavily on autocorrect are especially prone to landing on these fraudulent sites.

If you are unsure how to spell the name of a website, look for it by using a reputable search engine and double check the URL to make sure you are in the right place. (Remember the “https://” rule.)

9. Assume Public Wi-Fi Is Not Secure

Wi-Fi hotspots in coffee shops, libraries, airports, and other public places are convenient, but often not secure. Online shoppers don’t realize that cyber thieves can snatch their login credentials or other online data through Wi-Fi hotspots. Most free hotspots don’t encrypt the information you transmit. If a network doesn’t require a password, it’s safe to assume it is not secure.

Bottom Line

Take extra precautions while shopping this holiday season. Cybercriminals know we’re conducting more business online than ever and they’re looking for ways to target unsuspecting consumers. For more, visit the Cybersecurity and Infrastructure Security Agency’s Holiday Online Shopping webpage or watch the Federal Trade Commission’s video.