Cybersecurity Advent calendar: Tips for buying gifts and not receiving coal

Next story

In the words of the famous song, it’s beginning to look a lot like Christmas, and in the run-up to one of the most anticipated holidays of the year, people are slowly shopping their way through their lists of gifts for their loved ones.

However, since it’s 2020 and the COVID-19 pandemic is not really showing signs of subsiding anytime soon, it’s going to be a Christmas unlike any other, and to keep safe, many of the shopping sprees will not take place in brick-and-mortar shops or malls, but online.

In our second article of the Cybersecurity Advent calendar series, we’d like to make your shopping experience this Christmas as safe as possible by giving you a few simple tips that can keep you secure during your online gift-hunting quest.

Buy from trustworthy online stores

As is the case with any strong shopping season, scammers like to establish fraudulent online marketplaces to lure unsuspecting victims and dupe them out of their money. To mitigate any risks of falling for scammy online shops, you should stick to shopping at reputable vendors that have a verifiable track record and good reviews.

Remember: If an offer seems too good to be true, it probably is

During this festive season, fraudsters are banking on the notion that nobody can resist a good price. However, you should be wary of luxury brands or tech products being offered for cents on the dollar, since such prices are both ludicrous and too good to be true; they are most probably a scam. So be sure to avoid any extreme sales that seem suspicious – especially if they are from an unknown vendor.

Only buy from sites that use encryption (HTTPS)

When you’re looking for the right gift online and finally settle on a place you want to buy it from, first check that the online shop’s website uses encryption. This is signified with the logo of a small padlock in your browser’s address bar and a web address starting with “https://”.  This type of encryption ensures that sensitive data such as your account credentials will not be sent in the clear, adding an extra layer of protection regardless of whether you’re shopping using your secured home Wi-Fi or a public Wi-Fi hotspot. All legitimate online marketplaces will use encryption; beware, however: fraudulent websites increasingly use encryption too, so you still must be vigilant and make sure you are dealing with a reputable vendor.

Use top-quality security software that includes internet protection

While shopping online, one of the best security measures you can take is to use a reputable, fully featured security solution. These usually include features such as blocking known untrustworthy websites, providing protection against most types of attacks, and even payment protection for your online purchases and transactions.

Take time to think before you buy or provide your personal info

Before buying anything, take a deep breath and think about what you’re going to buy, where from, and what kind of information the online marketplace is asking you to share with it while you complete your purchase. If you decide to purchase anyway, look at the data the vendor is requesting, fill out just the necessary information and don’t overshare, since the data could be abused if it gets into the wrong hands, for example in the case of a breach.

Don’t shop online via a leaky hotspot: Only use secure internet connections

Although it may sound enticing to finish some of your shopping while you are waiting on your takeout order or your car is getting filled with gas, you should avoid doing it while you’re connected to a public Wi-Fi hotspot. These are commonly targeted by cybercriminals who will try to compromise your device or get their hands on your internet traffic. A better idea would be to use your cellular data … and if you can’t avoid a public connection, at least use a virtual private network (VPN) to encrypt your traffic

Check your statement afterwards and contact your credit card provider and the store if you notice something fishy

After you conduct a purchase, you might want to check on your account balance to make sure that everything is alright and the price you paid for the product corresponds with the price that was advertised. If anything seems off, like if the deducted price is higher or some unusual activity is taking place, you should immediately contact your card provider to figure it out … and if anything suspicious turns up, you can prevent yourself from losing money to cybercriminals by blocking your cards.

The main idea of this week’s advice is that you can shop online and hunt for good deals without taking any unnecessary risks. All you have to do is adhere to cybersecurity best practices and be on the lookout for any signs of something suspicious being afoot.

Stay tuned for next week’s advice, which will cover tips on how to stay safe while connecting with others online.

About ESET

For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security, to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real-time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centers worldwide, ESET becomes the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003. For more information visit or follow us on  FacebookYouTube and Twitter.