Safe Online Shopping

Stay safe, Vandals! Remain vigilant every holiday season for hackers, scammers, and online thieves are trying to steal your personal and financial information while you shop. To help keep your information secure, please consider the following.

Your Devices

  • Update your personal devices with the latest available operating system version and software updates.
  • Use multi-factor authentication on your accounts, especially your accounts on shopping websites. Use different passwords for each account.
  • Avoid making purchases while your device is connected to a public Wi-Fi network, such as at a cafe or library. Only make purchases when connected to networks you trust.

Online Shopping

  • Purchase from shopping websites with a good reputation. If a shopping website is unfamiliar, research the company to verify it is legitimate.
  • If a shopping website doesn't look right, for example if the URL looks different, the layout of the website is broken, or there are grammar and spelling mistakes, consider leaving the site and making a purchase elsewhere. It's possible cybercriminals are trying to steal your information.
  • Beware emails offering deals too good to be true. A new high end smartphone for $49? It might be a scam!
  • Avoid clicking links to shopping websites in emails. Navigate to that website from a search engine instead.
  • Verify that you are connecting to the website with HTTPS. Look for HTTPS (instead of HTTP) in the link and check that a lock icon is present next to the link. Here are some examples:

Payment and Financial Information

  • Use a credit card instead of a debit card for online purchases since credit cards have less liability if a criminal uses your card information to make purchases.
  • Regularly check your credit card and bank statements for unrecognized charges.
  • Do not send credit card information, passwords, or other sensitive information over email. A legitimate business or financial institution should be less likely to ask for this information through email.

If you think your information has been stolen...

  • Notify your financial institution.
  • Change passwords on all accounts you think may have been compromised.
  • Report identity theft to the FTC at

For more information, read CISA's advisory on holiday online shopping.


Article ID: 1766
Tue 11/17/20 10:59 AM
Thu 1/27/22 2:24 PM