top of page
  • Writer's pictureJoshua Duvall

Tips to Stay Cyber Safe This Holiday Season

As we head into another holiday season full of chai tea lattes, family gatherings, and fervent, and often last-minute, e-commerce, it's a good time to take a look at some common cyber threats that emerge during the holiday season and to learn some useful tips to stay safe both while online shopping and while scrolling through your inbox for the latest deals.


According to a CISA post, more than $8.8 billion was lost last year to scams and fraud. Cyber criminals are searching for weaknesses in your devices or internet connections (phones, tablets, routers). The bad actors also will attempt to steal personal and financial data through fake websites, charities, and email. To stay safe, CISA recommends the following actions:

  • Use Strong passwords. Make them unique to each account and complex.

  • Enable multifactor authentication for your accounts.

  • Think before you click.

  • Update your software on all devices, regularly.

  • Check your devices.

  • Shop Only Through Trusted Sources

  • Use Safe Methods for Purchasing

    • Cyber criminals will often send phishing emails—designed to look like they’re from a retailer.

    • Use credit card instead of debit (improved chance of recovering stolen funds).

    • Check your statements, frequently.

    • Watch out for emails asking for information about you.


According to the FBI, non-payment and non-delivery scams cost people more than $281 million in 2022. The FBI also states that credit card fraud accounted for another $264 million in losses. To guard against cyber threats this holiday season, FBI recommends the following (non-exhaustive):

Practice good cybersecurity hygiene.

  • Don’t click any suspicious links or attachments in emails, on websites, or on social media. Phishing scams and similar crimes get you to click on links and give up personal information like your name, password, and bank account number. In some cases, you may unknowingly download malware to your device.

  • Be especially wary if a company asks you to update your password or account information. Look up the company’s phone number on your own and call the company.

Know who you’re buying from or selling to.

  • Check each website’s URL to make sure it’s legitimate and secure. A site you’re buying from should have https in the web address. If it doesn’t, don’t enter your information on that site.

  • If you’re purchasing from a company for the first time, do your research and check reviews.

  • Verify the legitimacy of a buyer or seller before moving forward with a purchase. If you’re using an online marketplace or auction website, check their feedback rating. Be wary of buyers and sellers with mostly unfavorable feedback ratings or no ratings at all.

  • Avoid sellers who act as authorized dealers or factory representatives of popular items in countries where there would be no such deals.

  • Be wary of sellers who post an auction or advertisement as if they reside in the U.S. but then respond to questions by stating they are out of the country on business, family emergency, or similar reasons.

  • Avoid buyers who request their purchase be shipped using a certain method to avoid customs or taxes inside another country.


According to cyber company SentinelOne, email scams often involve fraud involving gift cards. In addition, there are other scams related to fake order confirmations, which often include convincing logos and graphics to trick shoppers into thinking the email was real. To guard against these type of threats, SentinelOne recommends the following:

  • Operate with caution as a default – Verify incoming emails and messages and avoid clicking on suspicious links. Check that the sender’s email address is correct, look for official branding, and be aware of the tone of the message.

  • Don’t rush to respond – Scammers like to send fake confirmations for expensive goods or services, or claim the recipient has been or will be charged for something they never ordered. The ploy is to instill a sense of urgency and encourage the intended victim to click a malicious link. For any unexpected communication that implies some form of payment is due or forthcoming, verify its legitimacy through official channels rather than relying solely on email notifications.

  • Be wary of gift card scams – When confronted with requests for gift card purchases, check the request through a trusted source.

  • Inform and stay informed – Knowledge is power, and in a connected world, we are all part of the solution. Keep up to date with blogs and social media accounts from state and local authorities, which often post warnings and spikes, and share with others. The more people are aware of scams the less successful they are.

  • Report suspicious activities – If you think you may have fallen victim to a scam, it’s important both to report it to relevant authorities and organizations such as your employer or your bank and to take action quickly. Reset passwords where necessary and enable multi-factor authentication (MFA).

PC Magazine

To avoid cyber scammers this holiday season and keep your data safe and secure, PC Magazine offers this top 10 list of basic guidelines to ensure a safer online shopping experience:

  1. Only Shop on Popular or Familiar Websites

  2. When in Doubt, Look for the Lock

  3. Research the Seller Before Buying

  4. Lie or Omit Personal Information on Shopping Forms

  5. Don't Use Your Debit Card to Shop Online

  6. Pay With Your Phone in Stores

  7. Watch Out for Fraudulent Gift Card Exchanges

  8. Stay Private While Using Public Wi-Fi

  9. Install and Use Security Apps

  10. If You Do Get Scammed, Don't Get Mad, Get Revenge


Cyber threats are not going away anytime soon, and with the holidays fast approaching, shoppers should expect an uptick in malicious traffic (particularly to your inboxes). As the above shows, industry consensus is to take your time and be skeptical when searching for online deals. Be sure to research sellers before purchasing and when in doubt, do not click on suspicious links (email scams are sophisticated, so pay close attention). While the above examples are not exhaustive, they provide a good starting point to stay vigilant and secure this holiday season. Happy Holidays!

. . .


Thanks for subscribing!

bottom of page