It’s the most wonderful time of the year. As 2018 winds down, we’ve begun preparing for the upcoming holiday season. There’s a good chance you’re completing some of the prep early thanks to online shopping. 57% of all purchases during this time of year is thanks to online shopping. As you begin your search for the best deals and discounts, it’s vital to make sure you protect your PC from hackers who are looking to exploit your information during this happy time of year.

Online shopping, without a doubt, makes our lives easier. With this shift in convenience, we, unfortunately, are faced with the increased exposure to vulnerabilities that can steal our data (including access to bank accounts!). Here are our favorite tips to help you smartly shop online and keep the holiday season happy.

1. Update Your Device

When you neglect to update your device, you’re subject to the increased risk of a vulnerability attack. While they may be annoying, updates are vital when it comes to keeping your devices secure. Hackers are smart and keep up to date on the vulnerabilities that exist on out of date devices. Despite their persistently annoying reminder windows, updates are vital to maintaining the security of your applications and software. Hackers know the weaknesses of out-of-date devices. If you don’t update, you’ve essentially left a wide-open backdoor for hackers to gain access to your system and all the data inside. It’s essential to remember that updates aren’t optional, they’re mandatory. Don’t be part of the 51% who delays computer updates.

2. Use Sites You Trust

During this shopping season, countless fake websites are popping up. They all claim to give you the lowest price possible, but, it’s probably a phony site just looking to steal your credit card information. Make sure to use sites you’ve purchased from before and trust. If you’re still not sure if a site is safe, you can look for a small lock icon in the URL field. This can help you determine if the site you’re on has privacy protection installed. Websites come in two forms; HTTP and HTTPS. HTTP sites are unencrypted, and more times than not are dangerous. Those who use Google Chrome are at a slight advantage because when users head to an unencrypted site, the Chrome browser now alerts users. If you’re shopping on an HTTP site, buy at your own risk.

3. Smart Payments

How you can pay for your goods, can be a dead giveaway about the validity of a site. You should treat sites that accept money orders, wire transfers, or checks with the utmost caution. Instead, try to shop on sites that take secure payment methods such as PayPal. When you can, use a credit card instead of a debit card, so you are protected if your information is compromised. As always though, check your account transactions regularly for suspicious purchases!

4. Shop at Home

While it’s tempting to get some shopping done while you have some downtime at the local coffee shop, it’s not the best idea.  Using public Wi-Fi at the coffee shop could very easily give hackers direct access to heaps of critical information (your passwords, credit card numbers, and more). If you must connect to public Wi-Fi, then make sure you have a VPN to ensure a secure connection.

The most secure option if you MUST shop while you’re waiting is a personal hotspot. Did you know that if you have a smartphone, you have a personal hotspot? If you’re data plan that can support it, use that over public Wi-Fi. It may not always be the cheapest option, but you can guarantee you are safe. Plus, with unlimited plans becoming prevalent again, high data usage concerns are becoming a thing of the past.

5. Put Barriers in Place

The best passwords are the ones you don’t even know.  All a hacker must do is guess your password once, and they gain access to much much more. Make your password secure and unique for each account you have. Take advantage of a passwords management site such as LastPass to help manage all your account passwords. LastPass even automatically generates passwords that are indecipherable at a glance. If a hacker can get into one of your accounts (and you use the same passwords on multiple sites) the joy of the holidays will be quickly gone.

If you can, consider using multifactor authentication (MFA) on your account. MFA means that a user is must provide two types of authentication. Typically, this is a username and password plus one additional form, on a separate device (i.e., phone) a randomly generated One-Time-Passcode or push notification is created. Once the user enters their password AND code, then and only then can they log in. Even with a password, the hacker would still need your mobile phone to log into your account. It is important to note that multifactor authentication isn’t a silver bullet. Security threats are constantly evolving, but MFA is a significant upgrade when it comes to protecting your data.

6. Be Vigilant

If a deal arrives in your inbox and seems too good to be true, it probably is. Be careful when clicking on these, because these links can infect your computer with viruses in a split second. If you are unsure of the sender, it’s in your best interest to delete the email and don’t open any attachments. Spelling errors can also be a dead giveaway of a potential attack. Always check URLs that look unfamiliar.

Remember though that not all phishing attempts appear to come from strangers. Often, cybercriminals will impersonate friends and colleagues. If you receive a request from your boss to purchase an unusual amount of gift cards, pick up the phone and talk to them to confirm the request. If you’re still not sure about an email, forward the email to your IT department so they can double check the validity of it.

Ready, Set, Shop

Be alert and make protecting your information a top priority while online shopping. Cybercriminals aren’t going to take a holiday off so make sure you’re shopping smart this holiday season!