13 Cyber Security Tips for the 2020 Holiday Shopping Season

Holiday shopping is already in full swing. 

But, given that the CDC is recommending shoppers avoid crowded stores throughout the 2020 holiday season, Black Friday is going virtual, and Cyber Monday is every day.¹

According to a recent survey by Convey, “Shoppers are planning to shop earlier and mostly online, and they’re conscious of COVID’s impact on retailers […] 8 in 10 shoppers (82%) will do most of their holiday shopping online – and nearly 1 in 3 (30%) will do ALL of it online.”² 

Unfortunately, this also means there will be more cyber crimes and card-not-present fraud.

Don’t let a cyber grinch ruin your holidays. Use these 13 cyber security tips to protect yourself online during this holiday season. 

#1 Be Skeptical

cyber security

Cyber security online during the holiday season starts with being skeptical.

While we’d like to believe everyone is kind at the holidays, this simply isn’t true. 

According to McAfee, “It’s beginning to look a lot like the holiday season – and with the holidays comes various opportunities for cyber-scrooges to exploit. While users prepare for the festivities, cybercriminals look for opportunities to scam holiday shoppers with various tricks.”³ 

That’s why it is necessary to be skeptical rather than trusting.

Use common sense when shopping online.

If a deal seems too good to be true, assume it is a scam.

If you think an email is fake, it probably is.

#2 Watch Out for Seasonal Scams

cyber security

Unfortunately, the cyber scrooges have found ways to exploit the goodness in people’s hearts during the holiday season.

Email phishing scams are rampant during the holidays.

Cyber security is necessary when opening any and all emails this holiday season for this reason.

Cyber criminals send fake holiday e-cards with links that are malicious and steal personal information.

McAfee also reports, “Since many people do a lot of their holiday shopping online, users should also beware of shipping notification scams, as respondents […] have fallen victim to these scams throughout this year.”⁴

This particular seasonal scam is a threat this year due to the high number of shipping delays. 

If you receive a suspicious email about a delivery, do not open the links or respond with any personal information.

Sadly, charity donation scams are also an issue during the holiday season.

According to UCLA IT Security, “Cyber criminals try to take advantage of generosity given during the holiday season and may use fake charity requests to gain access to your information or computer/device. Don’t click on links in emails requesting donations. Contribute by navigating to the trusted address of the charity.”⁵ 

Cyber security tip – If the email has typos, grammar errors, or the company logo looks different, assume it is a phishing email.

#3 Shop Only on Sites You Know

cyber security

According to Etail Insights, “There are currently 7.1 Million Online Retailers in the world and 1.8 Million of them are in the United States.”⁶

Not all of these online retailers are trustworthy.

That’s why it is important to shop only at sites you know, such as the official online stores for in-store retailers you frequent (like Target or Kohl’s).

If you see a gift item advertised as significantly lower at an unknown online retailer, research to make sure it is a safe site before purchasing.

#4 Pay Attention to the URL 

cyber security

One way to practice cyber security online during the 2020 holiday season is to pay attention to the URL.

The URL is the website address, such as https://www.401kmaneuver.com/blog.

A website’s URL can tell you if it is a secure site.

Secure websites should use https. The “s” means secure. 

Additionally, the padlock icon appears to the left of the website address on secure online retailers.  

Cyber security tip – If you receive an email with links, hover over the link to see the URL where you would be taken if you clicked it. 

#5 Use a Credit Card 

cyber security

When shopping online, always use a credit card instead of a debit card.

It is better to have your credit card compromised than for a cyber criminal to drain your checking account.

Plus, credit cards offer fraud protection.

If you use a credit card and are a victim of fraud, the credit card company will fight for you because it’s their money. If you use a debit card and are a victim of fraud, you have to fight for your money. 

U.S. News explains, “Fortunately, if you become the victim of card-not-present fraud, your liability is minimal. Under the federal Fair Credit Billing Act, you’re not liable for unauthorized transactions when your credit card number (not the card itself) has been stolen.”⁷ 

#6 Keep Software Updated

cyber security

Set computer and mobile devices to update automatically.

In addition to installing software updates that make devices work better, these updates also make devices more secure and protect users from cyber criminals. 

#7 Don’t Autosave Info

cyber security

Yes, it is convenient to have the stores where you shop save your personal credit card information.

But, it is dangerous.

Because if you store your credit card information via autosave, hackers can access that information. 

Protecting yourself against cybercrimes is worth the little bit of extra time it takes to re-enter your credit card information each time you want to make a purchase.

Added bonus – It’s harder to make impulse purchases when you have to enter your credit card information.

#8 Avoid Public Wi-Fi

cyber security

Public Wi-Fi sounds like a good idea, but cyber criminals take advantage of it.

Cyber security online during the holiday season means avoiding public Wi-Fi for this very reason.

If you do not have unlimited data for your mobile device, use a VPN.

The National Cyber Security Alliance explains, “A VPN is a service that encrypts all of a device’s internet traffic and routes it through an intermediary server in a location of the user’s choosing. […] 

The encryption part of a VPN is similar to what you get when you visit an HTTPS site. 

Anyone who happens to intercept internet traffic between the smartphone or laptop and the VPN server won’t be able to decipher its contents, including Wi-Fi hackers.”⁸ 

#9 Use Strong Passwords and Multi-Factor Authentication

cyber security

Possibly the most effective ways to practice cyber security are using strong passwords and multi-factor authentication.

Essentially, make it as hard as possible for a cyber criminal to access your accounts.

When creating strong passwords, use a combination of letters, numbers, and symbols.

Also, avoid these common password mistakes…

  • Using personal information, such as a pet’s name or anniversary.
  • Using your user ID as your password.
  • Using simple number sequences, such as 12345.
  • Recycling your password and using it for multiple websites.
  • Not changing your passwords frequently.
  • Sharing passwords.

With multi-factor authentication, the user has to enter additional proof of ID to gain access.

For example, require both a password and a one-time verification code to be sent via text message. 

While a cyber scrooge may have your password, unless he has access to your cell phone, he won’t have a way to receive the one-time verification code sent to your phone.  

#10 Go Directly to the Source

cyber security

Treat emails or pop-ups as suspicious unless you can verify them.

Earlier, we discussed holiday shipping notification scams.

If you receive an email from a shipping company such as UPS, go to the UPS website or contact customer service to verify rather than clicking any links inside the email. 

#11 Check Your Statements

cyber security

Stay on top of cyber security online during the holiday season by routinely checking your credit card and bank statements.

If you notice any discrepancies or purchases you have not made, contact your credit card company immediately. 

#12 Never Give Your Personal Info Out Online

cyber security

Never (ever ever) give out your personal information online.

If you receive an email or text message requesting personal information, such as your credit card number, it is likely a scam.

#13 Use Virus Protection

cyber security

Antivirus programs remove malware from your computer and protect it from viruses.

If you do not already have an antivirus program on your computer, practice cyber security online during the holiday season by installing one today.

We regularly post videos with financial information and updates. Check us out on YouTube.

Watch Videos


  1. https://www.cdc.gov/coronavirus/2019-ncov/daily-life-coping/holidays.html#thanksgiving
  2. https://martechseries.com/mobile/mobile-marketing/e-commerce-and-mobile-commerce/consumers-adjust-holiday-shopping-due-to-covid-and-are-willing-to-grant-retailers-leeway/
  3. https://www.mcafee.com/blogs/consumer/consumer-threat-notices/holiday-scam-cybersecurity-survey/
  4. https://www.mcafee.com/blogs/consumer/consumer-threat-notices/holiday-scam-cybersecurity-survey/
  5. https://www.it.ucla.edu/security/resources/best-practices/protect-yourself-online-this-holiday-season
  6. https://www.etailinsights.com/online-retailer-market-size
  7. https://creditcards.usnews.com/articles/what-is-card-not-present-fraud
  8. https://staysafeonline.org/blog/stay-secure-public-wifi-traveling/
0 0 votes
Article Rating

401(k) Maneuver™ is offered by Royal Fund Management, LLC, which is registered as an investment adviser with the SEC and only transacts business in states where it is properly registered, or is excluded or exempted from registration requirements. SEC registration does not constitute an endorsement of the firm by the Commission nor does it indicate that the adviser has attained a particular level of skill or ability. Royal Fund Management, LLC, is not affiliated with or endorsed by NASDAQ.

All investment strategies have the potential for profit or loss. Changes in investment strategies, contributions or withdrawals, and economic conditions may materially alter the performance of your portfolio. Different types of investments involve varying degrees of risk, and there can be no assurance that any specific investment or strategy will be suitable or profitable for a client's investment portfolio. There are no assurances that a client’s portfolio will match or outperform any particular benchmark. Asset allocation and diversification do not ensure or guarantee better performance and cannot eliminate the risk of investment losses. Projections are based on assumptions that may not come to pass.

Images and photographs are included for the sole purpose of visually enhancing the website. None of them are photographs of current or former clients. They should not be construed as an endorsement or testimonial from any of the persons in the photograph.

All third-party trademarks, including logos and icons, referenced in this website and our content, are the property of their respective owners. Unless otherwise indicated, the use of third-party trademarks herein does not imply or indicate any relationship, sponsorship, or endorsement between 401(k) Maneuver and the owners of those trademarks. Any reference inside this website or content to third-party trademarks is to identify the corresponding third-party goods and/or services.

Would love your thoughts, please comment.x

Select a Date from the Calendar below


Select a Date from the Calendar below


Have questions? Need help?

Book Your Complimentary

15-Minute 401(k) Strategy Session


Looking for tips that might maximize your retirement
savings and help you be a better steward of your money?

Subscribe to our 401(k) Blog

The go-to-source for your retirement investing and saving tips

5 401(k) Accounts Mistakes that May Negatively Affect Retirement Income

Download Your Copy Today

*Your privacy is important to us. We do not rent, sell or share your information.

Why Account Balancing & Allocation May Affect 401(k) Performance

Download Your Copy Today

*Your privacy is important to us. We do not rent, sell or share your information.

The 5 Top Costly 401(k) Rollover Pitfalls

Download Your Copy Today

*Your privacy is important to us. We do not rent, sell or share your information.

Make the Best Decision for Retirement:
Understanding the Different Types of
Financial Advisor Licenses

Download Your Copy Today

*Your privacy is important to us. We do not rent, sell or share your information.

How Popular Advice On Target Date Funds May Be
Working To Undermine Your 401(k) Retirement Savings

Download Your Copy Today

*Your privacy is important to us. We do not rent, sell or share your information.

3 Things That May Supercharge Your Future
401K Performance...Even In a Down Economy

Download Your Copy Today

*Your privacy is important to us. We do not rent, sell or share your information.