Avoid holiday hacking: shop smart online

Three credit cards on a table with a lock placed on top.

Published December 5, 2019

by Orly Stein

Online shopping has made life so much easier. Unfortunately, it also made it easier for criminals to get their hands on our personal information.

It’s a risky time of year



UBIT Student Ambassador Orly Stein.

Orly Stein (UB Student, Class of 2022) is an Information Technology and Management major from Long Island, NY. In the future, she hopes to get more experience with cyber security and pursue a career in the field. In her free time, Orly enjoys playing soccer, going to SoulCycle with her friends and snowboarding.

The holiday season is the perfect time for cybercriminals to take advantage of unsuspecting online shoppers. 

During the holiday season last year, online purchase fraud (when a criminal gains access to stolen payment information to make online transactions without the owner’s knowledge) increased by 13%, according to data provided by ACI Worldwide. 

Taking simple precautions and building better online shopping habits will help protect your personal information.

Your protection is only as good as your password

The best way to prevent a holiday hack this year is by creating a strong and unique password for every website you purchase from. 

Use passwords or passphrases that contain uppercase and lowercase letters, numbers, and symbols. Avoid using the same password for multiple accounts and NEVER use your UB password on other sites. 

Lock down your login

Many companies and institutions (including UB) offer two-step verification on their sites to provide an extra layer of protection. As a result, it is far more difficult for a cybercriminal to hack your account. 

The harder you make it for cybercriminals to break into your private space, the more likely they are to give up and target someone else.

UB’s two-step verification (Duo) is extremely important to keep your UB accounts safe and secure as well.

Check what your apps are allowed to do

Run a quick audit on your apps to make sure they’re not collecting all your data and controlling your devices.

For example, is it really necessary to share your contacts with a shopping app? Most likely, no. 

If blocking a specific app permission doesn’t interfere with the app’s basic functionality, you should turn it off.

iOS app permissions: From the Settings app, press Privacy to see all the permission available. Click on any entry to see the apps that have those permissions and disable if necessary.

For individual app entries, go to Privacy and then Settings. The toggle switch can either grant or refuse a permission.

Android app permission: Open Settings and then go to the Apps & Notifications menu. Click on the app you want to look at and then click on Permissions to see everything it has access to.

To browse by permission, go to App permissions on the Apps & Notifications screen. 

Windows app permission: Click on the Start menu to open Settings and select Privacy. The options are sorted by permission rather than by app. You can grant or deny a permission with the toggle switch.

MacOS app permission: Open the Apple menu and choose System Preferences. Next, click Security & Privacy and then open the Privacy tab.

You can see all the permission categories and click on the entries on the left side to see which apps have requested and been given permission. 

Think before you act!

When using a website, check the address bar for a lock icon and https:// in the URL. If it is only http:// (not https://) there is no encryption and you should not enter your credit card information!

Only use the sites of retailers you know and trust. Conduct research when using a new website for purchases and read customer reviews. 

Remember – if something sounds too good to be true, it probably is!