'Tis the Season: 5 Tips for Safe Shopping Online during the Holidays

Americans will spend nearly $730 billion during the 2019 holiday shopping season, according to AccuWeather, which represents a nearly four percent year over year increase. But before snatching up any Cyber Thursday or Black Friday deals, it's important to make sure that you're aware of e-commerce fraud and take measures to protect yourself.

E-commerce fraud tends to increase during the holidays. For example, a hacker may takeover your account and use stored payment methods to buy items, access loyalty programs or place orders using new stolen payment cards. It's not unusual for shoppers to use different shipping addresses during the holidays, so often times, the transactions aren't flagged.

E-commerce fraud is growing at a faster pace than e-commerce sales — are you taking the right measures to protect yourself online? Let's take a look at five tips that you can employ to protect yourself from these types of fraud.

#1. Ensure & Verify SSL Connection

Most e-commerce websites use certificates to prove their identity to web browsers. Since anyone can create a certificate, most web browsers check to ensure that certificates come from trusted organizations, such as Let's Encrypt or Verisign. These certificates ensure that any data passed between the website and browser is encrypted, which prevents man-in-the-middle attacks where data can be intercepted on Wi-Fi networks.

Modern web browsers make it easy to ensure that a connection is secure by looking for a lock symbol in the address bar. In fact, some browsers have gone a step further by warning users when a website isn't secure — even if it's not a website that's processing e-commerce transactions. Chrome's "Your connection is not private" errors are a great example of this functionality and can help you avoid untrustworthy websites.

Tldr; Never make an online purchase through a website that is not secured by an SSL certificate.

#2. Use a Modern Browser with Anti-phishing

Most people have seen a phishing email at one point or another during their lives. For example, you may have come across a fake 'fraud alert' from your bank requesting that you login to change your password. Hackers may also pose as a legitimate e-commerce website — perhaps one where you've placed an order — requesting some kind of information. After stealing your credentials, they could takeover your account.


Download our free Checklist of Cybersecurity Tips to keep yourself safe when browsing or buying online.

The good news is that most modern web browsers have anti-phishing technology baked in to prevent these kinds of issues. For example, Google Chrome automatically flags websites that appear suspicious with a full-screen warning that makes it difficult to accidentally click through to the website. Many email providers similarly categorize phishing emails into the spam folder, preventing you from even seeing most phishing attempts.

Tldr; Update your browser to automatically avoid phishing attempt.

#3. Install Anti-malware & Anti-virus

Most people are familiar with viruses and malware, but few people appreciate how widespread the problem has become. According to the AV-TEST Institute, more than 350,000 new malicious programs and potentially-unwanted applications are registered every day. The total number of malware has grown from 50 million in 2010 to one billion this year! New technologies are making these malware programs increasingly difficult to detect.

Malware and viruses may not seem like an e-commerce issue, but many use keyloggers to steal credit cards and passwords. If your device is infected, you could have your credit card digitally-swiped when making an e-commerce transaction, and most of those transactions occur around the holidays. So, it's important to ensure that you have the right solutions in place to detect keyloggers and prevent them from stealing your credit cards.

Tldr; Install anti-virus and anti-malware software to keep your computer free from keyloggers and other malware designed to takeover your ecommerce accounts.

#4. Ensure Safe Shipping Locations

A growing e-commerce threat doesn't happen online at all — it's package theft at the delivery location. According to data compiled by Smiota, one-in-four people have had a package stolen with an average value of $140. Less than ten percent of reported theft cases result in an arrest, which means that these crimes are only on the rise as e-commerce grows. Ironically, new post office technologies have made it even easier for criminals to steal packages.


Don't forget to download our free Checklist of Cybersecurity Tips to keep yourself safe when browsing or buying online.

There are several ways to prevent package theft. For example, you can install security cameras, pick up packages in person or add a smart doorbell to alert you when a delivery is made. Many metro areas also have Amazon Lockers and other places where packages can be delivered instead of a house. It’s equally important to ensure that you claim your USPS Informed Delivery account to avoid any possible fraud.

Tldr; Don't leave packages on your front porch if you're in an area where they may be stolen.

#5. Spot and Avoid Counterfeits

Shoppers that use mass-market e-commerce websites, like Amazon or eBay, could be in for a surprise when they receive their products: Many of these companies struggle to control counterfeit goods on their website. According to the U.S. Government Accountability Office, two-of-five products purchased online were counterfeit in 2018, and the problem is growing more pervasive as online retailers turn a blind eye.

The best way to avoid buying counterfeit goods is by researching the seller. In particular, Amazon Marketplace, eBay and other third-party sellers may not be trustworthy. Customer reviews tend to be a good way to uncover potential problems, while excessive discounts are a sign that the offer may be 'too good to be true.' The good news is that returns are easy in many circumstances if you notice the counterfeit item in time.

Tldr; Be wary of third-party sellers since they may be slinging counterfeit goods.

The Bottom Line

The holiday season should be a time for joy — don't let hackers turn it into a time of fear. By using these tips, you can avoid becoming a victim of the most common types of e-commerce fraud during an especially vulnerable time of the year. Share these tips with your friends, colleagues and family to help keep them safe during the holiday buying season as well!

If you're looking for cybersecurity solutions for your small business on a day-to-day basis, Jungle Disk provides a comprehensive cybersecurity suite that's specifically designed for small businesses with up to 250 employees. From active network protection to team password management, we have solutions to cover all of your bases.

Sign up now or schedule a free demo to learn more!

Protect Your Business Data

We are passionate about helping our customers protect their data. We want you to use Jungle Disk to protect yours. Click on Sign Up to get started. It takes less than 5 minutes!

Sign Up