Take a Virtual, Interactive Tour 

Cyber Security, Technology News

13 Min Read

Tips for Shopping Safe Online This Holiday Season

Here are 5 questions to ask yourself before clicking 'Buy Now':


To help prepare our UAT community for shopping safely when the tempting online deals flood their devices this season, we interviewed two of University of Advancing Technology's Student Ambassadors earning their degree in Network Security, Andrew Maddox and Marcos Xochihua, for their knowledgeable insights. 


1. What payment options are the safest when shopping online and why? 

Andrew Maddox has 3 primary rules when it comes to buying anything online. Number one being, “don’t use a debit card.” He recommends using an alternative payment method such as a credit card. “This is a rule is because catching fraudulent charges on a credit card is much easier than a debit card.” Credit card companies generally have more power and resources to help you reverse the transaction.  


Another great way to keep your financial information safe is to not use any personal card tied to you when shopping online and rather, “use pre-paid Visa or gift cards. You can even go a step farther by purchasing those cards with cash in-store ahead of time”, Marcos Xochihua adds. It’s one less opportunity for an account or personal financial data to be stored and potentially breached later. 


To understand what data any online store will keep from consumers, Marcos says, “you should be able to find information to learn the data privacy storage practices and the terms and conditions of purchasing online from that store specifically on their website”. He also suggests using the guest checkout when possible but “if a website requires you to create an account, it should also provide you a way to delete it”. If deleted, that will prevent a future breach of information from the account level or if the store’s website is breached altogether. 


2. How can you tell if a website is safe to shop through? 

Andrew’s rule number two for shopping safely online is, “be sure whatever website being used is trusted. There are so many resources like Amazon that are trusted but sometimes that specific gift that you want is only available somewhere else.” 


Both UAT Network Security students recommend you check the URL of the website and look for a secure encryption, also known as an SSL Certificate, where the URL of the website begins with 'https' and not just 'http'. This means that the online store has taken the recommended basic steps for securing the website. Marcos warned, “Do not purchase anything online from a website that doesn’t have that standard security certificate”. 


3. Is using a Public WiFi or shopping online in public safe?  

Andrew’s third rule looks at the wider scope of information security and all the ways your data could be stolen. He says, “being safe while shopping doesn’t just include the website and you”, he says. “If you are shopping while at a public WiFi like in the airport or other areas that are not your home's secured network, you risk losing credit card information and being the victim of identity theft, fraudulent charges, and overall, having a not-so-merry Christmas.”


Marcos suggested a subscription-based Virtual Private Network (VPN) if you tend to shop on-the-go. “When you’re away from a secure network, it’s considered the safest alternative to using any public Wi-Fi”, he shares. For about $10-15 per month through a subscription, a VPN enables you to be more anonymous online. It routes your IP address to a secure server elsewhere and tricks your device into thinking you’re in another location. 


Marcos also recommends that “one of the best gifts to give this year (especially for a techie and network security student) is a privacy screen protector”. This protector is not only great for preventing cracks when you accidentally drop your device, but only the person holding the device can see what’s on the screen. It blacks out the screen to any other perspective – so that the incognito criminal hacker sitting behind you can’t see your data either. 



From left, UAT Student Ambassadors: Marcos Xochihua, Andrew Maddox, and Bailey Nielson sharing tips. 


4. Are advertisements and email deals safe to click on? 

Advertising on social platforms is a great way for businesses to reach prospective consumers and re-market to past customers based on their digital behaviors and online purchase history. On the flip side, when leading up to the busiest online shopping holidays like Cyber Monday, more stores are buying ad space which makes it challenging for social platforms to spot scams. Marcos recommends, “just don’t click on ads at all. When you can, enable ad blockers, spam filters, update your ad preferences and privacy settings in your social media accounts to help filter those from reaching you.” 


On the topic of email, the most common way consumers are breached is through a technique called “phishing” and the specific form of “spoofing” is a hacking trend on the rise. “It’s easy for someone to send an email as a store, just by replacing a simple letter like using a ‘1’ for the ‘l’ in ‘Kohls’", says Marcos.  


It’s also easier now to mask a name or email address as though it’s coming from anyone’s legitimate email, like your friend’s exact email address or even looking like it’s really from Facebook. Marcos discussed the importance of checking the sender’s email address and the actual URL in any clickable links for errors by hovering over them before clicking through. And rather than clicking through an email to go to log in to any website, just navigate to that website directly through your safe internet browser. Hackers can make anything look real, and if you’ve clicked through an email to a fake Facebook site to enter your login credentials, you’ve just given a hacker your Facebook login information. 


5. What to do if you spot a fraudulent charge on your account?

If you wake up on Cyber Monday with an erroneous charge, “call your bank right away to report it”, stresses Marcos. Banks are getting more predictive and accurate at spotting scams (because they happen all the time), some even have real-time text messages and notifications that deploy if something out of character comes up on your account. Some banks will even make you approve larger purchases over a certain dollar amount or you can set up settings to alert you for those occurrences. If you spot a purchase that you didn’t make, the sooner you get the charges removed, the better the chance you’ll get access to those funds again.  


Then, you also have to worry about the aftermath of your information being breached. With identity theft being a rising concern, make sure to monitor your credit reports. Ask your bank if they offer free credit monitoring services. Ask your bank or employer what identity theft protection or credit monitoring benefits are available to you. 


Many would agree that identity theft protection insurance is an underutilized and must-have insurance policy in terms of keeping your data safe in today’s technology-driven world. More industries are requiring this protection for businesses due to the rise of breach occurrences, which is why we’re here to provide you with some tips for shopping safely online. Just like health insurance supports someone in the case of a health problem, individuals are recommended to start thinking about data privacy protection in the event their information is stolen and could be used against them for identity theft.


“I’ve learned that it’s a drawn-out and expensive process to recover from your identity being stolen. Having protection and insurance in place can help alleviate and speed everything up when it does occur”, adds Marcos. 


For more tips and insights on shopping safely online, make sure to subscribe to our news for more stories like this! For questions on this topic or any of UAT's advancing technology degrees degrees, please reach out! Happy Holiday Shopping!


The Integration of Drones into Cyber Security Strategies

You may be surprised, but drones are playing a pivotal role in enhancing network security in several innovative ways. As technology evolves, the integration of drones into cybersecurity strategies ...
Picture of Aaron Jones Aaron Jones 13 Min Read

Student Innovation Project Showcase - Summer 2023

At University of Advancing Technology (UAT), the Student Innovation Project (SIP) stands as the crowning achievement of an undergraduate scholar's tenacious efforts, focusing on a specific task ...
Picture of Madison Robinson Madison Robinson 13 Min Read

Defending Against Blacklotus: UAT's Cyber Security Program Sheds Light on UEFI Attacks

The Blacklotus malware is a UEFI bootkit that targets systems at one of their earliest points of availability. During the boot process. ESET malware researcher Martin Smolár noted that this begins ...
Picture of Aaron Jones Aaron Jones 13 Min Read