If 2020 were a person, it would come dressed as COVID-19 to a Halloween party. That’s because the onslaught of the pandemic this year brought us the nightmare we never expected.

And while the risk of virus spread is not yet over in the physical world, there’s another kind of danger looming over us in the online world—the danger of online cyberattacks this holiday season.

This time around, the threat of cybercrime during the holidays is worse than ever. And it’s easy to see why—right now, it’s safer for all of us to buy things online than risk going out and catching the virus.

This is the reason why online retailers saw a tremendous growth of 22 billion website visits in June 2020—up from 16 billion visits globally in January 2020. Global retail platforms also witnessed an unprecedented spike in online traffic between January 2019 to June 2020—surpassing even the peak holiday seasons.

This frenzy of online buying includes everything ranging from people buying toilet papers in bulk, panic buying grocery items, to shopping gifts for loved ones.

And since everyone is buying stuff online this Gifting Season, hackers are already on the prowl ready to ruin your festive mood—unless you take extreme caution.

Below, I share seven of the most effective safety reminders for you to practice a healthy buying habit in order to make your holiday buying experience smooth and risk-free.

Software updates exist for reasons beyond improving your device’s speed and performance. The updates also offer security patches to protect your device from hacking, data theft, or other online vulnerabilities.

A team of researchers in March this year found that two out of every five Android users worldwide don’t receive vital security updates from Google. That means your smartphones are sitting ducks to cyber criminals waiting to pounce at your personal data.

Updating your desktop devices is equally critical since that’s where we stow a ton of our personal data like our banking and financial information.

Proactively update your device’s software to prevent falling prey to malware or ransomware attacks.

It’s very convenient to have automatic sign-in enabled on your web and mobile browser. But productivity should never come at the cost of security.

Every time you enable auto-login, you help hackers save time and energy to breach into your system.

For instance, enabling automatic login in your browser increases the likelihood of Windows registry hack. When you enable the default passwords, you enable Windows to save your DefaultUserName, DefaultPassword, and DefaultDomain in the registry.

You’re essentially handing over your system password on a platter for unauthorized users to access it in plaintext.

My advice: disable the auto-login and autofill features in browsers such as Chrome and Internet Explorer.

Instead, use a trusted password manager app like LastPass or OneLogin that does a much better job than Google or Windows to secure your online credentials like online banking user ID, credit card number, etc.

What’s better than understanding the dangers of public spaces in the time of social distancing?

That’s right. Public Wi-Fi—especially the ones that are free—is where the virus infections are most likely to spread.

Avoid public Wi-Fis like plague—especially to carry out financial transactions or to access your confidential information online.

If you must use public Wi-Fi networks, always use a reliable VPN (virtual private network) app to mask your IP address, encrypt your internet connection, and establish a secure browsing environment.

Many people I talk to on a daily basis don’t realize this, but there’s a way for you to set a daily limit on your credit card spending. You just need to talk to your bank to enable this function.

Security-wise, this is a great way to figure out if your credit card number is stolen or being misused. For example, towing a line on your daily spending will alert you of any abnormal payment activity on your credit card.

The benefit of this technique transcends beyond security. Personally, I think that putting a cut-off on your credit card spending also helps you become more mindful about your spending and discourage you from splurging unnecessarily.

Here’s another way for you to identify if someone is misusing your credit card information—reconcile your bank and credit card statements.

This will help you map each of the spending data on your credit card statement with the respective transactions down to the tee.

It’s much easier to audit your credit card statements and single out transactions that don’t match your buying history when you reconcile the two.

While the good old foreign prince scam is still doing rounds on the internet, hackers these days have devised much more sophisticated tactics to siphon off money from unsuspecting people like you and me.

For instance, hackers nowadays send malicious links impersonated as your PayPal verification email or Netflix payment update reminder. Here’s an example of the latter:

[Image source]

This is a much subtler and smoother tactic that can go undetected even for a trained pair of eyes.

As more shopping is happening on phones this is increasingly becoming a hotspot for criminals. This method leverages malicious text messages to trick users into clicking on a malicious link or handing over personal information.

With shopping seasons like Black Friday and Cyber Monday around the corner, you are most likely to get dozens of such emails and text messages that usually have a sense of time-based urgency for you to claim a reward, enter a contest, or take some kind of immediate action. Don’t fall for that trap.

As a rule of thumb, always verify the sender’s email address before clicking on any kind of link. Also, flag such emails as “junk” or “phishing emails” to avoid the likelihood of these emails appearing in your inbox again.

Make sure you double-check a website’s authenticity when providing personal and credit card information. Always check for the “https://” prefix in a URL (and the padlock symbol at the beginning) to verify a website’s authenticity and to ensure it has the necessary SSL certificate.

Abort your shopping immediately if the website is missing the https:// prefix or if you suspect anything fishy about the site.

You should always enable multi-factor authentication whenever it is available. Using multi-factor protects you by using separate pieces of information to prove who you are.

Cyberattacks can come from anywhere—even from your latest smart TV or an IoT device that you are about to gift yourself on Christmas.

And while there are technologies that can help you offset the risk of hacking to an extent, there is no silver bullet that will safeguard you 100%.

When it comes to erecting a security chain around your valuable data, you are your weakest link. Criminals trick our psychological blindspots and cognitive flaws to prey on us.

Therefore, nothing beats exercising caution and developing a sense of digital diligence to prevent criminals from stealing your data.

Wishing you happy holidays and safe and secure shopping!

Suggested Reading from Money.com

The 6 Best Credit Repair Companies for 20201