SkipToMainContent

Device Security

How can I avoid phishing scams when holiday shopping?

November 13, 2020

Computer and mobile device users are always at risk of being hacked, scammed, and phished, but when the holidays arrive, crooks really have an opportunity to cause some mischief.

They’re hacking consumers using sophisticated phishing attacks that attempt to trick people into giving up their personal information, including bank account or credit card data.

Don’t be one of the 978 million consumers who lost a combined $172 billion to hacker attacks in 2017.1 Follow these five tips to protect yourself during the holidays.

Watch out for deals that are too good to be true

Black Friday “doorbuster” deals have convinced the world that insane discounts are to be expected once the holidays roll around.

Amazing discounts and promotions – delivered via email, text message, or an opportune pop-up window on the Web – may lead you to bogus ecommerce sites strictly designed to separate you from your credit card number. Order the merchandise promised, and it may never come – but you’ll be charged for it (and more) just the same.

Be extra vigilant when shopping for the holidays. Some deals sound too good to be true because they are. They could be outright scams.

Double-check website domain names

Phishing is most effective when a scammer is pretending to be a brand you know and trust. A high-quality but phony store hawking well-known or high-demand products is likely to look almost identical to the real thing – so be vigilant in looking for signs that reveal its true colors.

Start with the domain name: Norton.com and bestnortonoffers.biz are very different websites, and cryptic names like the latter are likely to be purveyors of scams. While you’re at it, make sure everything in an email promo is legitimate before clicking on embedded links. For example, inspect logos, email address headers, and the text and content of messages before clicking anything. Better still, keep your Norton products up to date in order to block spam and phishing emails before they ever get to your inbox.

Make sure merchant websites are secure

In recent years, websites have been moving from HTTP to HTTPS, a communication system that encrypts all traffic between users and the websites they visit, which can dramatically improve security against certain types of attacks.

It’s easy to tell whether a website is not secured with HTTPS. All major web browsers indicate this with an icon to the left of the site’s URL. The icon is a lowercase “i” with a circle around it on Edge and Firefox; Google Chrome also notes “Not secure” on insecure sites.)

HTTPS (with S on the end) is a secure protocol because it includes encryption and authentication, which keeps the information shared between your computer and the website private.

HTTPS might not be as important if you’re visiting your neighbor’s blog, but it is if you’re on a site where you plan to buy something, where you need to provide your payment card credentials, your address, and log in with your username and password.

Instead of, or next to, the lowercase “i” icon on every browser, look for a locked padlock icon on retail sites that shows they are using the most current security mechanisms, indicating that your shopping sessions are encrypted and secure.

Remember to be patient

When you’re in a rush to complete your holiday shopping as quickly as possible, it’s natural that you might miss something. Take a breath and slow down. Cyberthieves often prey upon people’s poor cyber habits, or attempt to trick you with phishing messages designed to make you panic – such as warnings about a delayed package or a credit card purchase that didn’t go through. Just as a big discount might be too good to be true, an urgent warning might be too dramatic to be taken at face value.

How to stay safe

Norton 360 protects from many of these scams, protecting more than just your PC. You can protect multiple devices by downloading Device Protection to your Mac, smartphones, and tablets to ensure that all your devices have protection.

Keeping You Cyber Safe

Maximize the value of your Norton 360 subscription by installing protection on multiple devices, staying more private on public Wi-Fi with VPN, backing up your most important documents with secure PC Cloud Backup, and getting notified if we find your information for sale online with Dark Web Monitoring powered by LifeLock.

Don’t have our one of our newest Norton 360 plans yet? Click here to upgrade.


1 https://us.norton.com/cyber-security-insights-2017


Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2021 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.