Have a Cybersafe Christmas: Online Shopping Tips for the Holiday Season

Online shopping is more popular than ever before. While it offers a safe and convenient retail experience for millions of people, it also exposes shoppers to cybersecurity risks that can’t be overlooked.
Christmas shopping

This year, holiday shoppers are expected to spend nearly $180 billion online, eschewing long-lines and hazardous conditions at brick-and-mortar businesses in favor of a convenient shopping experience at their fingertips. In total, more than 70% of Americans plan to shop primarily online, a 19% year-over-year increase. 

Of course, online shopping comes with its own risks. A recent survey on the state of cybersecurity and the holiday shopping season found a 14% rise in e-commerce fraud. Incredibly, a Bankrate report found that 91% of shoppers put their personal data at risk while holiday shopping online.    

Cybercriminals are taking full advantage of this increasingly popular trend, becoming more active in their efforts to compromise personal and financial data. In this environment, shoppers need to understand the risks while protecting critical data from bad actors. 

Online Shopping Risks This Holiday Season

Cybercriminals have spent years honing their capacity to enact increasingly sophisticated scams that compromise consumers’ critical data. Their tactics are diverse, but their motivations are always the same.  

They want money. Whether cybercriminals are directly accessing financial information or capturing personal data for resale, cybercriminals are looking to cash in this holiday season. Their strategies include: 

  • Phishing scams. These malicious messages lure unsuspecting recipients to engage with phony forms, web stores, and financial websites. More than 3.4 billion phishing emails are sent each day, making it one of the most prominent cybersecurity threats. Bad actors rarely face reprisal for sending phishing messages, and their efforts are becoming more difficult to detect.


  • Card-skimming malware. Online shoppers share their most sensitive information at checkout, and cybercriminals frequently target this process. Card-skimming malware, which collects and transmits people’s data at checkout, has impacted prominent companies, including Macy’s, Ticketmaster, and British Airways.


  • Fraud. According to Deloitte’s 2020 Holiday Retail Survey, 16% of shoppers “sift through digital platforms, including social media, for attractive options.” While these efforts could save a buck, they can also expose shoppers to fraud. Scammers are creating phony coupons, vouchers, or gift card options to entice shoppers to compromise their personal or financial data.

Simply put, browsing the internet for incredible deals is not akin to meandering around the mall. 

Engaging with a phishing scam or embracing a fraud attempt exposes shoppers to malware, viruses, spyware, and ransomware. Once installed, the consequences can be devastating, allowing bad actors to:

  • Collect and sell personal and financial data. 
  • Distribute new phishing attacks to your friends, family, and contacts. 
  • Provide remote access to your device. 
  • Consummate identify theft.  
  • Steal money. 

Tips to Avoid Holiday Shopping Scams And Keep Your Information Safe

While bad actors are using their best efforts to steal sensitive data, consumers are not powerless to protect themselves. Here are six steps that every shopper can take to improve their defensive posture this holiday season. 

#1 Secure your accounts. In the past few years, billions of digital records have been compromised, often being rapidly sold and disrupted across the Dark Web. Those login credentials are used to gain front-door access to your accounts. Using readily available security features, like two-factor authentication, can keep bad actors out.

#2 Update your passwords. Minding about password security and regularly updating account passwords might be a pain, but it’s critical for keeping your information safe. Unfortunately, more than a third of people never change their passwords, leaving their accounts vulnerable to a variety of cyberattacks. 

#3 Learn to spot phishing scams. Phishing scams are frustratingly prevalent, but they are also entirely ineffective when users identify and delete these messages. Many companies offer phishing scam awareness training, but even simple steps, like taking time to confirm a message’s authenticity and evaluating it for possible signs of a scam, can make a significant difference. 

#4 Only shop on authentic websites. The internet is full of malicious marketplaces promising unbelievable deals. Look for the padlock that identifies verified addresses, and double-check a site’s authenticity before providing your personal and financial data.  

#5 Use the best payment option. When shopping online, use a credit card, not a debit card. If possible, use a third-party payment service like Apple Pay or Google Pay, which further obfuscates your personal and financial information, making it more difficult for cybercriminals to misuse this information if it’s compromised. 

#6 When in doubt, don’t. When deals seem too good to be true, they probably are. Use common sense when shopping online, maintaining an awareness that everything may not be what it seems and taking intentional steps to protect your critical data. 

Let's Wrap It Up...

Online shopping promises to be a respite for safety-conscious shoppers this holiday season. In the process, don’t compromise your valuable information. 

OneRep can help you preserve privacy this Christmas season. We remove your personal information from the internet, preventing bad actors from combining stolen information with readily-available personal details to execute identity or financial fraud. Get started with your free trial today. 

Remove your sensitive info from the web

OneRep’s algorithm scans 196 data brokers and removes your records from all people-search sites that publish them

Iryna Slabodchykava

Content Strategy Manager at OneRep | LinkedIn