Top tips for safe online holiday shopping

Dec 20, 2016, 14:15 PM by Bob Shaffer, director, UTMB’s Office of Information Security

As you make holiday purchases online, remember to think before you connect. With the uptick in website traffic, the holiday season is the perfect time for attackers to target online shopping sites and steal personal information for the purpose of identity theft and financial fraud. Follow these simple tips to keep your season merry and reduce the risk of becoming a cybercrime victim:

  1. Use only trusted devices when conducting online transactions involving your personal or financial information. Ensure your devices are using updated operating systems—Windows 7 or above for PCs, 10.6 or above (Snow Leopard) for Macs, and the most recent OS for iPhone and Android devices. Install security software and enable automatic updates for antivirus and system updates.
  2. Use strong passwords on your devices and online accounts (six to eight characters with upper/lower case letters and numbers). Use different passwords for each of your online accounts, especially banking or financial/credit accounts.
  3. Scrutinize all emails that ask you to click on a link. If an email asks you to click on a link, validate that the link is really taking you to the site it is advertising. Hovering your cursor over the link will tell you where it’s taking you. Validate again after you’ve clicked on the link by looking at the website address in your browser.
  4. Make sure sensitive information is transmitted securely. Before you click on the “submit” button, make sure that the internet address in your browser begins with “https.” The “s” at the end of https indicates that the information will be transmitted securely.
  5. Be wary of deals that are too good to be true. Cyber criminals routinely offer unbelievable deals to lure consumers to a website in an attempt to steal personal information. As the old adage goes, if it looks too good to be true, it probably is.
  6. Don’t conduct personal business on unsecured public Wi-Fi. Always be cautious when using public Wi-Fi and avoid doing sensitive transactions. If you must do a transaction, ensure that it is secure. Remember https: The “s” is for secure.
  7. Only exchange personal information with reputable sites. Stick with well-known sites. Research new sites before using them.
  8. Provide only the minimum amount of information to conduct a transaction. Organizations that ask for more information than is needed to process a transaction raise a red flag. If a website is asking for a Social Security number to purchase a pair of shoes, you need to go somewhere else for that purchase.
  9. Use credit cards instead of debit cards for online purchases. Credit cards are generally safer because they allow consumers to seek a refund from the issuer if the product isn’t delivered or isn’t what was ordered. You should also consider enabling alerts on your debit/credit cards. Most financial institutions can send you text/email alerts when a predefined dollar threshold is exceeded or an online purchase is made.
  10. Keep a trail of all online transactions. Reconcile online purchases with financial statements as soon as you get them to make sure there aren’t any unauthorized charges. Notify your bank or credit card issuer immediately to report unknown charges.