The Salt Lake Chamber wishes our business community and all holiday shoppers a safe and joyful season! As many of us go about preparing for festivities it’s important to be wary of criminals who would dampen our holiday season by stealing our information and draining our bank accounts. Share the following tips with your friends, family and co-workers to keep them safe and full of holiday cheer!

1. Create and maintain your online shopping accounts safely

Establish a strong password for each online shopping account. Always use more than ten total characters consisting of uppercase letters, lowercase letters, numbers, and special characters to create a strong password.

Use different passwords on each of your online accounts. If one retailer experiences a data breach in which your credentials are leaked, using the same password between accounts makes it quick and easy for criminals to exploit you and your information. If you have trouble remembering all your unique passwords, consider using a pattern for your password or a password manager. Learn more in the Why Strong, Unique Passwords Matter newsletter.

Try to avoid saving payment information online. The inconvenience of having to enter your credit card information each time keeps you safer because a data breach at a retailer will not expose your financial information. It also means your payment information is not saved or ready to be used by anyone who gets access to your account.

Dedicate one credit card to online purchases or pay through a secure online mechanism. By using only one credit card online you’re limiting the damage that can happen if malicious actors gain that information. Alternatively, use one of the online payment mechanisms, such as PayPal.

2. Shop with trusted online retailers while browsing safely

Use well-known online retailers that have an established reputation for cybersecurity. Verify that they have good contact information listed on their site, and check with the Better Business Bureau or the FTC if you have questions or concerns.

Look for the lock symbol at the top of your browser or “https” in your URL bar. These mean that your communications with the website are encrypted and safe from prying eyes.

Never shop or log in to personal accounts when on public Wi-Fi or a public device. Public Wi-Fi can make all the personal information that you transmit visible to criminals. Public, shared devices, such as kiosks or library computers, can be infected with malware that will steal your information.

Do not leave your browser open on a shopping site for long periods of time. Websites that use advertising feeds have occasionally had them hijacked by cybercriminals, who are then able to put malware on your device. This malware can steal your personal information or encrypt your device and demand a ransom to return it to your control.

Keep your devices up-to-date. Always apply updates to your devices and software when they are available. Keeping devices up-to-date means you have applied all the available fixes for known problems and vulnerabilities. This makes you more secure.

3. Be smart when it comes to email confirmations and tracking information

Be careful which links you click on in your emails. At this time of a year, a favorite trick among cyber criminals is to send emails purportedly from the major shipping companies with a link to track your package. These may be a scam to download malware. They count on the fact that you’ve ordered many things online and are waiting for a package. Instead, cut and paste the tracking number into the shipping company’s website in order to track it. Additionally, always head directly to the site of the company you want to shop with by entering the URL into your browser when aiming to log in. Avoid clicking links directing you to log in, as they may send you to a malicious site that looks real, but can just steal your information.

Do not use your work email address for retail accounts. By using one of the free webmail accounts, such as Gmail or Hotmail, it will be much easier to identify a potentially malicious email coming to your work email, since the online retailers should not know that email address. This can also help you prevent criminals from knowing where you work, which is information than can potentially use to hack into your work account!

For more holiday shopping advice, check out this tip sheet from the National Cyber Security Alliance or following these reliable best practices from The Center for Internet Security.