Cyber Monday: nine tips for shopping online safely

Cyber Monday is expected to see more shoppers than Black Friday for the first time. So how can you avoid becoming a victim of scams and malicious software? Here are some precautions.

Phil Noble/Reuters
A worker pushes a cart in an Amazon warehouse in Peterborough, England, in anticipation of Cyber Monday.

’Tis the season to shop online – and to be hyper-alert when doing so, according to security experts, who say spammers, online hucksters, and cyberthieves have shifted gears to target Cyber Monday shoppers.

For the first time, more people are expected to shop online on Cyber Monday than visit brick-and-mortar stores on Black Friday, according to American Express. Instead of fighting crowds, shoppers will spend an estimated $62 billion online this holiday season – up about 15 percent from 2012, says eMarketer, a firm that tracks e-commerce.

How all that online shopping gets done is changing, too. Mobile devices like iPads and smart phones are increasingly used to shop, with nearly $10 billion being purchased that way during the 2013 holiday season, eMarketer projects. Consumers are using their devices to do more research and product and pricing comparisons – then making purchases.

All this raises the question: How do you shop safely online and avoid becoming a victim of scams and malicious software? While there is no silver-bullet, online consumers can take a number of steps to avoid trouble.

One key problem for online consumers: knowing which "unbelievable, this week only" deals are real and which are fake, considering all the crazy discounts out there, Chester Wisniewski, an expert with Sophos, writes on the global cybersecurity firm’s blog.

“How can you tell the difference? Easy! Don't trust any of them,” he writes.

For example, when an e-mail or tweet pitches “Free iPads and $300 gift cards”: Just say no.

“Lots of people are looking to make money off of the Christmas giftgiving bonanza and many of them are scammers,” Mr. Wisniewski writes. “If you receive an email or online solicitation you are interested in, don't click any links,” even though that may seem counterintuitive.

Surprisingly, the volume of e-mailed malicious spam has actually fallen. But that’s because scammers are moving to social media sites like Facebook, where they can reach more people and cash in on the credibility that friends convey, Wisniewski says.

“When you see a post on someone's wall or a tweet from a colleague, treat it the same as an unsolicited email,” he notes. “Don't click it. Go to the real source and if necessary contact the sender to confirm its veracity.

Beyond that, here are some steps that the New York State Division of Homeland Security and Emergency Services (DHSES) and cybersecurity experts are recommending this year:

Secure your computer and mobile devices. Be sure the operating systems and application software of your computer and mobile devices are up to date. Antivirus and anti-spyware software should be installed, running, and receiving automatic updates. When using passwords, use strong and unique ones not used for any other accounts.

Use mobile applications with caution. Choose only the most widely used and well-evaluated apps. Seemingly legitimate shopping apps could download malware onto your devices, thereby stealing credit-card and other sensitive information for transmission to cybercriminals.

Disable Bluetooth. Shutting off Bluetooth and other near-field communication systems on your mobile devices when they are not being used limits the risk that credit-card numbers may be captured by another nearby device.

Know your online merchants. Limit online shopping to merchants you know and trust. Go to sites only by typing their URLs into the browser address bar. If you are unsure about a company, check with the Better Business Bureau or Federal Trade Commission.

Consider using a credit (not debit) card or an online payment system. PayPal and other online payment services keep personal card information stored on a secure server so a consumer can make purchases online without revealing credit-card details. If paying directly to a retailer online, use a credit, not debit, card to help reduce liability in the event that personal information is used improperly.

Even after Black Friday and Cyber Monday are gone, scammers are likely to jump right onto Christmas, Hanukkah, Kwanzaa, and New Year's celebrations. For all these days, you can take additional precautions, according to DHSES and cybersecurity experts. Such steps include:

Look for security symbols. Make sure the Web page address begins with "https” before you click "purchase." Also, a padlock or key icon in the browser's status bar indicates the transaction will be encrypted.

Don’t click on pop-up advertising. When a browser window pops up promising bargains, cash, or gift cards in exchange for filling out a survey, just close it by pressing Control + F4 on Windows devices or Command + W for Macs.

Don’t use public computers or public wireless. Don’t buy stuff while sitting at coffee shops, hotels, and malls. Public equipment is often insecure, and criminals may be capturing data on public wireless networks to steal credit-card numbers and other sensitive information. Be sure that your computer or device is set to prevent an automatic connection to Wi-Fi hot spots.

Be alert for potential charity-donation scams. Cybercriminals try to take advantage of holiday generosity and use fake requests as a way to access your information or device. If you see a charity pitch, don’t click on e-mails requesting donations or give out personal information through an e-mail or text message.

Instead, it’s best to contribute by going to the specific trusted Web address of the charity, cybersecurity experts say. That means never clicking on a link embedded in an e-mail that you’ve been sent. Moreover, visit the IRS website to find out if a group is truly eligible to receive charitable contributions.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to

QR Code to Cyber Monday: nine tips for shopping online safely
Read this article in
QR Code to Subscription page
Start your subscription today