Holiday Shopping Tips for Black Friday, Cyber Monday, and Beyond

November 24, 2014
Gretel Egan

Last updated: July 15, 2019

It’s the most wonderful time of the year for online retailers — and online scammers. The deals dance like sugarplums in your email inbox and your incoming text messages. And while you’re likely to find a few of your favorite things in the advertising onslaught, there are plenty of lumps of coal mixed in. And these duds will leave you with more than a sooty stocking.

How to sort the naughty from the nice? Here are a few holiday shopping tips that will help you stay safe as you navigate the online deals and emails through Black Friday, Cyber Monday, and beyond.

Be Selective About Online Merchants

Credit card breaches aside, reputable stores are reputable for a reason. Larger operators are taking enormous precautions to protect online shopping sessions and keep your data safe. Shopping via an unknown entity can be risky, as scammers set up “dummy websites” to lure people into revealing personal data and credit card numbers with the promise of fabulous deals. If you are tempted by an online shopping site you're not familiar with, do your research. Online reviews and complaints can reveal the deals and sites that really are too good to be true.

Be Cautious About Clicking

Many legitimate emails and texts will flood your inboxes this holiday season. But lurking among them are malicious phishing messages that are designed to steal your data, your login credentials, your money, and more. Scammers can embed dangerous links inside of text, URLs, and images that look safe. So though it’s tempting to “click here to take advantage of this great deal,” the safest route to a website is to type a known URL into your web browser. 

Don’t Automatically Trust Familiar Brands and Logos

Perhaps the hardest part of fighting the phishing battle is that so many emails look familiar and safe. Scammers use known brands like Amazon, eBay, UPS, FedEx, and international airlines to lure unsuspecting users into clicking links and downloading attachments.

These and other social engineering techniques are designed to take advantage of your emotions. Phishing emails often urge you to act quickly without thinking, with messages that claim there are problems with your order, your shipment, or your reservation. Before you rush to click, respond, or download…stop. Breathe. Think. Most reputable companies will not send you these kinds of messages. And if you’re worried, contact the company through a known, trusted source (a legitimate website or customer service number, for example).

Get Savvy About WiFi

WiFi is everywhere. Many use it in their home networks, and open-access, “free” WiFi hotspots are just about everywhere. According to data from Adobe Digital Insights, 58% of holiday shopping traffic and nearly 40% of sales from November 1 through December 19, 2018, were generated on mobile devices (that is, smartphones and tablets). If you make purchases on the go, it’s critical that you understand the implications of sharing private data over WiFi.  

Here are some key points to remember about WiFi security:

  1. If there is no password, the WiFi network is not secure. This goes for your home network as well. A secure network uses encryption measures and is protected by a strong password.
  2. Scammers snoop on public WiFi. Sadly, this is not at all difficult for someone who has the right tools. You can never assume an open WiFi network is safe from prying eyes. As such, it’s best to avoid entering any private information (including logins, passwords, and account numbers) while on a public network.
  3. Just because you trust the location doesn't mean you can trust the WiFi. See points 1 and 2.
  4. If you can’t wait for secure network, use a VPN and make sure URLs start with https. A VPN helps to protect the data you transmit by creating a secure virtual "tunnel" for your information to pass through, so it's a must for anyone who regularly relies on public WiFi. In addition, sites that use https (e.g., https://google.com vs. http://google.com) do prevent snooping; your communications are kept secure in those sessions. In fact, https is valuable addition to any online session that requires you to enter private information, not just those over WiFi. It’s important, however, that you do not confuse secure communications with safe sites.

You can also find additional WiFi and mobile device security tips in other posts on our blog.

Consider an Online-Only Credit Card

First and foremost, do not use debit cards for online purchases. Should a breach occur, a credit card offers you some insulation because fraudulent purchases will not empty your bank account.

Second, consider dedicating one credit card for online use and limiting the available credit line. This will allow you to easily monitor your transactions and protect your accounts. Plus, if something happens in cyberspace, you’ll only have to make one phone call and deal with a single company to resolve any issues.

Steer Clear of ‘Too Good to be True’ Offers

Just share this email with 150 people and you’ll get a $50 restaurant gift card!

Invite 300 people to this Facebook event and we’ll give you a $100 store credit!

Fill out this survey and you’ll get free shipping for life!

The lure of getting something for nothing is a much-loved trick for scammers. Why? Because it works. Don’t fall for it! You’ll likely be asked to give up your email address, personal details, and even credit card numbers in order to “take advantage” of incredible offers. I’m betting you’ll know when something sounds too good to be true. Do yourself — and those hundreds of social media connections — a favor and leave those “gifts” unopened.