In 2015, Statistica reported that holiday season desktop retail e-commerce spending in the United States amounted to 56.43 billion U.S. dollars with the most money being spent online on Cyber Monday. That year, Cyber Monday became the biggest U.S. online shopping day ever with close to 2.3 billion U.S. dollars in online spending. You know what that means? This year, those metrics are predicted to increase even more...and hackers are going to take advantage of that.

Typically around the holiday season, cybercrime activity increases substantially with phishing scams being the long time favorite method for attackers. However, there are a number of potential threats online shoppers need to be aware of. Here’s three questions to ask yourself before you start your Cyber Monday and online holiday shopping.

Is that website secure?

You see that little padlock icon in the address bar of your browser? Or maybe you've seen one of those Google notifications right in search results saying "This site may be hacked." Pay attention to those messages and don't use websites that aren't "https" or have SSL certificate errors. You can even click that padlock to find out what information is being shared and what the potential security risks might be. Pay the most attention to online cart checkout pages. You're entering your credit card information here, so it better be a secure connection.

Is the deal too good to be true?

You can snag some good Black Friday and Cyber Monday deals, but if it seems too good to be true then you might want to double check to make sure it's not a phishing scam. Attackers will try to impersonate popular online retailers and attempt to get you to click on malicious links in emails. A good rule of thumb? Don't click on the link in the email, but go to the website by directly entering the URL in your browser (don't copy and paste). You can also do a search for something like "Gap Cyber Monday Sale" or "Gap Cyber Monday Scam" to see if others are reporting any findings. Also be aware of order confirmation emails. If it's asking you to "click to confirm your online order" it might also be a scam (even if you did just submit an order).

Here's an email supposedly from PayPal urging the user to confirm their account information to access all benefits. But if you look closely, the email address doesn’t appear to come from anyone at PayPal. And PayPal would never force you to update this information within the next 24 hours. It looks legit though, doesn’t it? These emails can be pretty crafty. Especially if you happen to use PayPal for your online holiday shopping.

Are you keeping an eye on your bank accounts?

We spend a lot during the holiday season…an average of $830 per shopper, in fact. It's easy to miss a few unauthorized charges on your credit card. The threat isn't only online, either. An attacker might also obtain your credit card details from organizations using insecure POS systems when you swipe your credit card in the store, something completely out of the shopper's control. Especially during the holiday season, keep an eye on your credit card and bank accounts. For all online shoppers, follow standard online security best practices such as using secure passwords and enabling 2FA for your online accounts if available. Nothing ruins a holiday more than finding out you've been hacked. Asking yourself these three simple questions will help you keep your credit card and bank account information out of the hands of attackers this holiday season and year around.

Get The Full Online Holiday Shopping Guide

Want more tips for safe online holiday shopping? The full guide has even more ways you can keep your information safe when shopping online this holiday season.

×

Get a monthly digest of our blog posts