Skip to main content
Back to Resource Center

Shop Smart this Holiday Season: Cyber Security Tips for Online Purchases

Cyber Monday has come and gone, but there are still plenty of online shopping opportunities to fill up your digital carts – including those after-holiday deals and New Year sales. But beware, cyber thieves are always on the hunt, hoping for distracted shoppers looking for the best holiday deals. 

These bad actors will try to reel in unsuspecting internet consumers with bad intentions: faulty hyperlinks, faux websites and the ultimate insult during this time of giving and spreading holiday cheer – fake charities. 

“They will try to use techniques that will trigger fear of missing out on a great deal or offer to try to get someone to do something they normally wouldn’t do,” said Nathan Timberlake, information security engineer with Georgia United Credit Union. 

These Grinches are trying to steal your joy by getting access to your personal information, financial data and assets, and they’ll even try to nab your identity. 

But as you make online purchases during the busy holiday shopping period – and beyond – you can stay vigilant with the following tips from Georgia United:

  • When shopping online, Timberlake suggests making sure to type in the website address or use a known bookmark to get to it, do not click links in emails. Try to use only well-known merchants, shops and stores. 

  • Use strong passwords that don’t incorporate personal data that’s easy for a hacker to guess by looking at your social media profiles or other public information about you. For instance, don’t use your home address, your favorite football team or the name of your business. Using a password organizer is also a good idea. 

  • Consumers check to make sure a shopping site is secure by looking for the gray lock symbol in the web address bar. This indicates that the site is secure and is using a valid SSL (Secure Sockets Layer) certificate. 

  • If you use public Wi-Fi while making online purchases, it is best to use a VPN (Virtual Private Network) to secure your information. However, it is generally best to avoid using public Wi-Fi connections when you are making online purchases or sharing sensitive personal information, such as credit card and account numbers. 

  • To lower the probability of getting hacked, it is a good idea to implement multi-factor authentication (MFA) on your accounts. It proves that you are you by providing more than a username and password. These multi-factors can be PINs (Personal Identification Numbers), your smartphone or USB key or fingerprint or facial recognition.  

  • Updating software when prompted and turning on automatic updates can help prevent cyber-attacks. “Keeping software updated is a great idea,” said Timberlake. “Because the software can have vulnerabilities built into it that updates will catch and fix – even your web browser – that could be exploited if you go to a website that has been compromised. Typically, Microsoft Office, for example, will update in the background that will just happen while you’re using it, and most software does it in the background now, so it’s not going to prompt you to update.”  

  • Avoid getting snared by a phishing email with this simple rule: think before you click.  

And when it comes to avoiding online fake charity scams, if you want to donate to real and thoroughly vetted charities in lieu of merchandise, consider programs sponsored by Georgia United’s philanthropic arm, Georgia United Foundation.  

There’s also a way to shop securely online while benefitting Georgia United Foundation. When you shop at smile.amazon.com or through the Amazon mobile app, simply designate Georgia United Foundation as your preferred charity, and AmazonSmile will donate 0.5% of eligible purchases to the foundation at no cost to the shopper. For more information, click here.  

This content is provided for informational purposes only and should not be viewed as legal advice on any subject matter.