Safe Online Shopping

See image on left.Stay safe, Vandals! Remain vigilant for hackers, scammers, and online thieves are trying to steal your personal and financial information while you shop, especially during holiday season. To help keep your information secure, please consider the following.

Your Devices and Accounts

  • Update your personal devices with the latest available operating system version and software updates.
  • Use strong, unique passwords for every account and consider a password manager to store them.
  • Use multi-factor authentication on your accounts, especially your accounts on shopping websites.

Online Shopping

  • Purchase from shopping websites with a good reputation. If a shopping website is unfamiliar, research the company to verify it is legitimate.
  • If a shopping website doesn't look right, for example if the URL looks different, the layout of the website is broken, or there are grammar and spelling mistakes, consider leaving the site and making a purchase elsewhere. It's possible cybercriminals are trying to steal your information.
  • Beware emails offering deals too good to be true. A new high end smartphone for $49? It might be a scam!
  • Avoid clicking links to shopping websites in emails. Navigate to that website from a search engine instead.
  • Avoid making purchases while your device is connected to a public Wi-Fi network, such as at a cafe or library. Only make purchases when connected to networks you trust.
  • Watch out for knock-off products, even from reputable companies. Check the reviews for the product and seller.
  • Verify that you are connecting to the website with HTTPS. Look for HTTPS (instead of HTTP) in the link and check that a lock icon is present next to the link. Here are some examples:

This image depicts links with h t t p s.

Payment and Financial Information

  • Use a credit card instead of a debit card for online purchases since credit cards have less liability if a criminal uses your card information to make purchases.
  • Regularly check your credit card and bank statements for unrecognized charges.
  • Do not send credit card information, passwords, or other sensitive information over email. A legitimate business or financial institution should not ask for this information through email.

If you think your information has been stolen...

  • Notify your financial institution.
  • Change passwords on all accounts you think may have been compromised.
  • Report identity theft to the FTC at

For more information, read CISA's advisory on holiday online shopping.

Print Article


Article ID: 1766
Tue 11/17/20 10:59 AM
Tue 5/14/24 1:27 PM

Related Articles (3)

Follow these tips to help keep your data, accounts, and the university secure!
Cyber Security Tips for traveling abroad
Resources for victims of identity theft.