Skip to Page Content


Online Safety Tips for the Holidays

Monday, November 26, 2012

Just as you’re seeking the best online deals during the holidays, others may be taking advantage of your giving spirit in the latest phishing scams.

“Criminals know we are all out to make our budgets stretch as far as possible, and get the best deals on holiday goods,” said Laura Heilman, security awareness training and education manager with Enterprise Information Technology Services (EITS) in the Office of Information Security at the University of Georgia. “Phishing and other online scams are prevalent during the holidays.”

And as someone who trains and educates folks on cyber security issues, she offers a few tips for avoiding phishing and online scams. Much of her holiday-themed advice comes from the anti-phishing firm Wombat Security Technologies.

To avoid phishing and other online scams, Heilman offers the following advice:

  • Avoid opening coupon attachments. Most companies will post coupons on their website — that's where you should go to get your coupons. Always avoid opening email attachments and do not download anything from a source you do not recognize.
  • Avoid clicking that link. The holiday season is the most popular time of year to send and receive electronic greetings cards (e-cards). Many scammers use e-cards as a way to trick email recipients into downloading malicious software, or providing personal information in order to retrieve the card. Be especially cautious of any e-card that comes with an attachment. Think it through and look for the signs of a fake e-card:
  1. misspellings
  2. errors in the message that tells you how to pick up your cards
  3.  you do not know the sender
  4. the sender is anonymous or has a fake-sounding name
  5.  the URL you have to go to in order to retrieve the card looks off or odd (examples: instead of or instead of

If the card is supposedly from someone you know, you can contact that person to make sure it actually came from them before you decide to retrieve the card. If they did not send it, simply delete it.  It is better to do that than run the risk of infecting your machine with software that might spy on you, steal your account login information, or tamper with your data.

  • Be cautious. When someone reaches out to you on social networking sites like Facebook or LinkedIn, do not approve the connection if you are unsure if you know the individual. Be especially wary if you have not met the person face-to-face or if the connection request seems out-of-the-blue.
  • Ensure you have a secure internet connection for online shopping. Never shop, check email, or visit banking or credit card sites while using public Wi-Fi. Make online purchases only from trusted merchants and be sure your transaction is protected by encryption.

How? Look for the “https:” in the shopping site's URL or a lock symbol, either to the left of URL in the address bar, or near the bottom of your browser window. Also, avoid using your debit card when shopping online. It is directly connected to your bank account and may not carry the same level of consumer protection as your credit card.

  • Trust your instincts. If an online deal seems too good to be true, it probably is.

Take a few moments to investigate the website that offers the deal — does it give contact information that lists a physical address? Does the website have a privacy policy that specifies how they will use your personal information, how you will be billed, and by whom? Check theBetter Business Bureau and run a search for consumer reviews of the website.

These few preventative steps can help protect you during the holiday season.