Christmas is a time when many of us go hunting online for the perfect presents for our family and friends. But with rip-off merchants lurking, it’s important to be a savvy online shopper to make sure your Christmas isn’t ruined.

Here are some top cyber-security tips to help avoid scams this holiday season.

Shop with trusted sites

Watch out for shady operators that pop up with fake online stores designed to take advantage of excited and unsuspecting Christmas shoppers. Regardless of whether the online store is well-known or unfamiliar, always think before you click and surrender your cash.

  • Navigate directly to an online store using your web browser, rather than by clicking an email or social media link
  • Read the comments on a store’s social media ads to see what other people have to say about them
  • Google the merchant, its online store and its products to check their reviews
  • Check for any Facebook groups created by unhappy customers

Make sure you monitor your bank statements for unusual activity over the festive season, and if you’re concerned you may have been scammed, get in touch with your bank as soon as possible.

You can also report scams to Scamwatch.

Check your payment is secure

A shopping website’s URL (address) should always begin with ‘https’ and a closed padlock icon in the address window when you’re about to make a transaction on it. This indicates that the communication between your device and the shopping site is encrypted (unable to be easily intercepted or read). You may also want to re-think storing your credit card details and other personal information on your online store accounts – if the company is breached, your information could end up in the hands of cybercriminals.

Beware the phish

Phishers are lurking all year round, so as always, be on the lookout for suspicious emails and SMS messages such as fake parcel delivery notifications or too-good-to-be-true offers encouraging you to get in quickly or risk missing out. 

Limit your public Wi-Fi activities

Think twice before connecting to free public Wi-Fi networks. Cybercriminals like to lurk on public networks and intercept your activities, or even set up rogue hotspots for you to connect to, so never shop or bank online using public Wi-Fi.

Lock down your accounts

If you need to create accounts with online stores, make sure you use strong and unique passwords – don’t reuse your internet banking, email or social media passwords. Some online stores may also offer two-factor authentication as a way to secure your account – requiring something additional to a password and username, such as a unique verification code sent to you by a different means – when you purchase.

Protect your privacy on social media

Cybercriminals love harvesting personal information from social media and using it to guess passwords, craft targeted phishing messages and create other cyber scams. Consider limiting the personal information you share on your social media, and use privacy controls to restrict who can see your information.


Patrick Larobina