- Security Center
- English ▾
Holiday Season Shopping Tips and Tactics
To stop the festive period becoming a bonanza for fraudsters, consumers are being encouraged to become wiser to potential online fraud and pay greater attention to personal internet security.
Here are SIX top tips on how to protect yourself while shopping online this Christmas:
1. Look for the ‘S’
Only ever access your internet banking, or shopping sites, by typing the address into your browser - never go to a website from a link in an email and then enter personal details. Always ensure when transacting online that the URL starts 'https' rather than 'http', or has the gold padlock icon, and only use official apps for mobile banking. Big corporations that accept online payment transactions typically have these characteristics such Paypal, Amazon and Ebay etc.
2. Treat all unsolicited emails with caution
Don't ever click on links or open attachments in emails you weren't expecting or are not sure about. Scammers and phishers alike can mimic the appearance of a well-known website making you think that they are the legitimate sites or companies that you have been familiar with. Always check the sender’s email address, make sure that it comes from the ‘true’ sender.
- An authentic email will NEVER ask you for personal information such as:
Your full name
Driver's license number
Social Security number
Credit and debit card numbers
Pin numbers or bank account numbers
- Bad spelling and/or poor grammar from an emailer claiming to represent a company, royalty, a prize agency, whatever.
- Make sure the email is from a recognizable domain that is linked to the actual sender name. For example, an email from amazon.com should typically have the from domain of “amazon.com” (not "amozon.com" or “marketplaceshopping.com").
3. Use strong passwords: passwords
Password should have a mix of letters (upper and lower case) numbers and symbols. Avoid obvious things like your name, birthday or phone number that others can guess. When creating passwords at stores, use upper and lower case with numbers. Use at least seven characters and don’t choose a word from a dictionary. Passwords can be guessed very quickly by hacker programs. If you need help remembering all your different passwords, use PasswordBox to secure them all.
4. Be cautious with online auctions
For higher value items, such as cars, make sure you see the items before sending any money. Always use the insured methods of payment for the internet site rather than direct payments to a seller. Log out after shopping and save the confirmation email as a record of your purchase, and make sure you have registered your cards with Verified by Visa or MasterCard SecureCode.
5. Get up-to-date security software
Make sure your computer and your web-enabled phone are protected with up-to-date internet security software. If you haven’t updated your security software for some time, you should do so before the holiday shopping craze commences. Ensuring that your anti-malware software is updated means that you are protected against the latest and newest form of malware. Upgrade your operating system, web browsers, and media applications with the latest versions. Hackers are always looking for ways to create new holes in existing software so they can steal your data. Software vendors patch these holes with updates.
6. Keep contact details up to date
Ensure your bank has up-to-date mobile/telephone contact numbers for you so they can speak to you if they spot unusual or suspicious activity on your account.
The Federal Bureau of Investigation (FBI) has some additional tips you can use to avoid becoming a victim of cyber fraud:
- Do not respond to unsolicited (spam) e-mail.
- Do not click on links contained within an unsolicited e-mail.
- Be cautious of e-mail claiming to contain pictures in attached files; the files may contain viruses. Only open attachments from known senders. Scan the attachments for viruses if possible.
- Avoid filling out forms contained in e-mail messages that ask for personal information.
- Always compare the link in the e-mail to the link you are actually directed to and determine if they match and will lead you to a legitimate site.
- Log on directly to the official website for the business identified in the e-mail instead of “linking” to it from an unsolicited e-mail. If the e-mail appears to be from your bank, credit card issuer, or other company you deal with frequently, your statements or official correspondence from the business will provide the proper contact information.
- Contact the actual business that supposedly sent the e-mail to verify that the e-mail is genuine.
- If you are requested to act quickly or there is an emergency that requires your attention, it may be a scam. Fraudsters create a sense of urgency to get you to act quickly.
- Remember if it looks too good to be true, it probably is.
Even Microsoft are reminding their Outlook users to keep their identity safe this holiday season. This image is posted on Outlook's sign in page: