Security

6 tips for avoiding phishing, malware, scams, and hacks while holiday shopping online

The holiday season isn't just busy for shoppers--it's busy for cybercriminals too. Here's a continuation of last year's holiday shopping safety guide with more ways to stay safe.

The number of people doing their holiday shopping online is expected to rise again this year, with 59% planning to go the e-commerce route for their gift giving.

As the number of online shoppers continues to grow, the appeal for cybercriminals to target them grows as well, leading to the development of new tactics to circumvent antivirus software, beat web filters, and confuse targets into giving up secrets.

It's easier than ever to fall prey to cyber scams—even the most well-trained can fall for a perfectly executed attack.

With that in mind, here's an update to last year's holiday shopping safety guide that takes new 2017-style attacks into account. Hackers move fast—potential victims need to be faster.

1. Don't trust your holiday shopping to mobile apps

54% of online holiday shopping traffic is predicted to come from mobile devices, making them the primary target for many cybercriminals. Fake apps, therefore, are a great way for cybercriminals to part you from your holiday bonus.

Fake shopping apps pop up regularly, but this is the time of year to be especially aware of the risks they bring. If you want to be extra safe don't even try to download a company's online shopping app—just go straight to its website and do your shopping there.

An app might be simpler, especially one downloaded from a reputable source, but you're better off not downloading one at all.

2. Dig up hard-to-find items on well-known sites

I can't count the number of times I've bought a cheap computer component from a downright unknown company. Did I order direct? No way—I went to Amazon and looked for a cheap version of say, a Bluetooth adapter, so I knew I was buying from a reputable place that wasn't likely to scam me.

SEE: Infographic: How to identify and avoid phishing attacks (TechRepublic)

If you're looking for something tricky to find, or a generic item like an adapter, go with a reputable vendor—it's better to pay a buck more than to wind up with a bunch of extra charges on your account.

3. Protect your web browser with extensions, updates

Advertisements, said Menlo Security CTO Kowsik Guruswamy, are one of the major malware risks to internet users. He says you should install an adblocker and use it on unfamiliar or questionable sites to ensure your holiday shopping is safe. He also recommends a transparency extension like Lightbeam, which keeps an eye on who (and what) is tracking you online.

Also be sure to keep your web browser up to date: A security patch may be all that stands between you and disaster.

4. Don't sign up for any new loyalty programs, even for a discount

Guruswamy also said that loyalty programs, or sites that want any data outside of what's necessary for a purchase, should be looked at with skepticism. "In many cases they might be selling consumer information to 3rd parties," he said, so be sure you're looking at the site's privacy policy before giving it anything.

If a site has an indemnity policy against things like the theft or selling of personal data—even your credit card number—you're better off shopping elsewhere.

5. Put a web filter between you and the internet

DNS provider Quad9 uses databases of disreputable websites from nearly 20 security vendors to put a filter between your computer and those who want to harm you. If you click a bad link or otherwise try to open a bad webpage it stops the traffic and tells you what's going on.

SEE: New Microsoft tech support scam can turn a user into a victim with one click (TechRepublic)

It's free, and it's easy to set up. There's no reason not to add this extra layer of security to your holiday shopping.

6. Get a password manager

Changing your passwords after holiday shopping is a good idea, but what's even better is having a password manager that can make your browsing experience more secure. We've recommended a few good ones here at TechRepublic before: Pick one out and get used to using it.

istock-502524168.jpg
Image: iStock/Makidotvn

Also see

About Brandon Vigliarolo

Brandon writes about apps and software for TechRepublic. He's an award-winning feature writer who previously worked as an IT professional and served as an MP in the US Army.

Editor's Picks

Free Newsletters, In your Inbox