Go back to All Blog posts

10 Ways to Avoid Online Shopping Scams on Cyber Monday and Beyond

Tally Netzer
November 29th, 2021
10 Ways to Avoid Online Shopping Scams on Cyber Monday and Beyond

Cyber Monday and the holiday shopping season are around the corner: don’t be the victim of an online shopping scam or cyber security breach.

Cyber Monday is here, and the holiday shopping season is in full swing. With some of the world’s biggest brands vulnerable to a Magecart attack, you can’t be too careful with your credit card information. Magecart attacks occur when a hacker compromises a third-party platform to steal payment details or other personal information typically entered through forms by the consumer.

Hackers can also steal your personal information by getting into a company’s database or even asking you for it directly through a phishing email.

If you’re doing most of your shopping online this year, don’t be the victim of an online shopping scam or cyber security breach. Here are 10 ways to keep your information secure and have a successful online shopping season over the next few weeks.

Update your device software

When was the last time you updated your laptop? Have you been dreading the downtime as your phone updates? Before you shop on Cyber Monday, it’s time to bring everything up to date.

Many software developers design updates to protect users from potential security threats. Using old software actually makes your devices less secure, giving hackers the opportunity to exploit vulnerabilities. When you use the latest update, hackers have to find new and different ways to get through it.

So set those updates to run while you’re enjoying your Thanksgiving dinner or watching the game, then hop online with the latest protection from viruses and malware.

Avoid phishing attacks: don’t click on emails

A phishing attack occurs when the receiver sends personal data to a malicious actor either by sending it in reply to the email or clicking a link leading to a deceptive website. These emails often look like they came from a legitimate source, but one letter in the email address may be different from the brand name.

They will often send you to a legitimate-looking website with the correct logo and colors, but the website might be incorrect, again.

Do not enter your login details through a link in an email unless you specifically requested the link.

Look for HTTPS

To ensure you’re shopping on a secure website, look for the SSL in the domain indicated by HTTPS (instead of HTTP). If you try to access a website without an SSL, your browser may actually warn you that the site is unsafe: do not enter your credit card information unless you’re confident in the website’s security.

Shop in your browser, not an app

While shopping with an app may be convenient, it brings that company one step closer to your device if a breach occurs. If you do choose to shop with an app, make sure you download it from an official app store.

Official app stores often have security measures in place that won’t allow malicious code to be built into the app. However, you must keep your device software updated to ensure it stands up to all the risks.

Don’t give an app complete access to your devices: shop through a browser to keep things simple and secure.

Use a strong password

While checking out as a guest is typically the most secure option for Cyber Monday shopping, you may choose to create a login for sites you visit frequently.

Make sure you are using different, strong passwords on each website. If hackers breach one site, they may sell your email address and password online, and you don’t want other malicious actors to gain access to more accounts because the passwords match.

Never save your credit card data

Never saving your credit card data helps you in two ways during your holiday online shopping: first, your data is less likely to be stolen in a breach. Second, you’ll save yourself from a few impulse purchases!

The more places you store your data across the internet, the more likely it will be involved in a breach somewhere. Keep it safe by saving it in as few locations as possible or opt for more secure payment methods like Apple Pay or Paypal.

Never open attachments from unknown sources

When you open an attachment or download something to your computer from an unknown source, you could be downloading a virus to your device and giving them access to all your personal data.

Only open attachments or download files from trusted sources or when you specifically requested the file.

Shop with a credit card, not a debit card

One simple way to protect your funds if a breach does occur is by using a credit card instead of a debit card. If a hacker spends money on a debit card, you won’t be able to get that money back. Many credit cards will alert you to the theft before you even notice it and put a hold on your card before funds go through.

Watch your transactions

Even with the buffer of a credit card, watch your transactions closely. If you travel often or make many purchases during the holiday season, your credit card may not pick up on a suspicious transaction. Check your account each day during the holiday season to ensure the purchase are only the ones you expect (hopefully, this doesn’t spoil too many surprises!).

If the price is too good to be true, it probably is.

One way hackers get your data is by luring you in with a product that is much lower than the competition. Unfortunately, if a price is too good to be true, it probably is: you may never receive the product you ordered, or it may barely match the description of the product you bought.

You can stay safe with your holiday season shopping by buying from trusted sellers online and in-store. Don’t send your money to a seller you’ve never heard of before for a price that can’t be real. Instead, reward reliable, secure companies by shopping with them.

Stay cautious

Holiday online shopping is here to stay, and that means you need to remain vigilant against threats and vulnerabilities. Hackers are always finding ways around the latest security protections, but with a few best practices in mind, you won’t need to worry.


Discover the full extent of your online exposure so you can protect it.