The number of people doing their holiday shopping online is expected to rise again this year, with 59% planning to go the e-commerce route for their gift giving.
As the number of online shoppers continues to grow, the appeal for cybercriminals to target them grows as well, leading to the development of new tactics to circumvent antivirus software, beat web filters, and confuse targets into giving up secrets.
It's easier than ever to fall prey to cyber scams—even the most well-trained can fall for a perfectly executed attack.
With that in mind, here's an update to last year's holiday shopping safety guide that takes new 2017-style attacks into account. Hackers move fast—potential victims need to be faster.
1. Don't trust your holiday shopping to mobile apps
54% of online holiday shopping traffic is predicted to come from mobile devices, making them the primary target for many cybercriminals. Fake apps, therefore, are a great way for cybercriminals to part you from your holiday bonus.
Fake shopping apps pop up regularly, but this is the time of year to be especially aware of the risks they bring. If you want to be extra safe don't even try to download a company's online shopping app—just go straight to its website and do your shopping there.
An app might be simpler, especially one downloaded from a reputable source, but you're better off not downloading one at all.
2. Dig up hard-to-find items on well-known sites
I can't count the number of times I've bought a cheap computer component from a downright unknown company. Did I order direct? No way—I went to Amazon and looked for a cheap version of say, a Bluetooth adapter, so I knew I was buying from a reputable place that wasn't likely to scam me.
SEE: Infographic: How to identify and avoid phishing attacks (TechRepublic)
If you're looking for something tricky to find, or a generic item like an adapter, go with a reputable vendor—it's better to pay a buck more than to wind up with a bunch of extra charges on your account.
3. Protect your web browser with extensions, updates
Advertisements, said Menlo Security CTO Kowsik Guruswamy, are one of the major malware risks to internet users. He says you should install an adblocker and use it on unfamiliar or questionable sites to ensure your holiday shopping is safe. He also recommends a transparency extension like Lightbeam, which keeps an eye on who (and what) is tracking you online.
Also be sure to keep your web browser up to date: A security patch may be all that stands between you and disaster.
4. Don't sign up for any new loyalty programs, even for a discount
If a site has an indemnity policy against things like the theft or selling of personal data—even your credit card number—you're better off shopping elsewhere.
5. Put a web filter between you and the internet
DNS provider Quad9 uses databases of disreputable websites from nearly 20 security vendors to put a filter between your computer and those who want to harm you. If you click a bad link or otherwise try to open a bad webpage it stops the traffic and tells you what's going on.
SEE: New Microsoft tech support scam can turn a user into a victim with one click (TechRepublic)
It's free, and it's easy to set up. There's no reason not to add this extra layer of security to your holiday shopping.
6. Get a password manager
Changing your passwords after holiday shopping is a good idea, but what's even better is having a password manager that can make your browsing experience more secure. We've recommended a few good ones here at TechRepublic before: Pick one out and get used to using it.
- Cybercrime industry growing rapidly, cybersecurity can't keep up (TechRepublic)
- Google Chrome can now spot even brand new phishing pages (ZDNet)
- 10 browser extensions to keep you safe on the web (TechRepublic)
- Google Chrome under attack: Have you used one of these hijacked extensions? (ZDNet)
- Special report: Cybersecurity in an IoT and mobile world (free PDF) (TechRepublic)
- Identity theft protection policy (Tech Pro Research)
Brandon Vigliarolo has nothing to disclose. He does not hold investments in the technology companies he covers.
Brandon writes about apps and software for TechRepublic. He's an award-winning feature writer who previously worked as an IT professional and served as an MP in the US Army.