Skip to main content
Home / Fraud Center

Online Holiday Shopping Safety Tips

Initially fueled by the reduction of in-person shopping during the pandemic, online holiday shopping is expected to reach record highs this year. In fact, according to the National Retail Federation, “holiday retail sales during November and December will grow between 6% and 8% over 2021 to between $942.6 billion and $960.4 billion.” Unfortunately, each year the number of online shopping scams and cybersecurity fraud seems to grow as well. Last year alone, consumer fraud was up over 70% over the year prior, reaching almost $6 billion in losses. 

woman shopping on mobile phone

Recently we’ve written about the Top 5 Holiday Season Cybersecurity Tips for Small Businesses, but it’s important to address these same issues from a consumer perspective—especially this time of year when online purchases are at an all-time high and cyber criminals are also working overtime. In this post, we’ll share our best online shopping safety tips specifically for consumers in Southern Wisconsin and Northern Illinois, giving advice on basic internet safety and how to avoid online shopping scams.

Stick to Websites that You Trust

When you are looking for a good deal on a specific product, either through your web searches, click-bait advertisements while browsing, or social media sites, you may find it listed on a website that isn’t one you normally patronize. And if the price is good, you might ignore red flags hoping to snag that steal of a deal. Unfortunately, there is a proliferation of fake websites that either spoof (copy) existing legitimate sites or are made to look like their own legitimate business. Sometimes goods are counterfeit, while other times they don’t exist at all—you will send your money but receive nothing in return. And the worst-case scenario is that once you send money or account information, additional fraudulent charges will begin to rack up. 
So how do you avoid shopping on fraudulent websites? These are the five best ways to ensure you are doing business through a legitimate online storefront:
  1. Perhaps the easiest thing to do is simply stick to websites you have used in the past. If you have had successful transactions with a business before, chances are they can be trusted.
  2. If you need to branch out for a purchase, only shop with reputable companies. If the company is well known and regarded, it is probably a safe bet to shop through its online store.
  3. On the fence? Do a little research. Conduct a web search for reviews of the website or look it up on Trustpilot. Ask friends or family if they have ever shopped there and what experience they had if they did.
  4. Make sure the site is secure and not vulnerable to hackers and cybercriminals. You can check the security of a site in two ways in your browser bar: looking for a security logo (usually a  padlock) next to the URL or looking for an “https” (rather than simply an “http”) at the beginning of the web address. 
  5. While you are investigating your browser bar, the last thing you need to do is check that URL. However, even if you are familiar with a company, be aware that some fake websites have similar addresses but slightly different than the legitimate website they are spoofing. Look for these minor differences. You can also use tools like URLVoid to help spot fake sites. However, even if they clear the site, follow other measures to ensure that it truly is a legitimate business.
And most importantly, do not create an account (even in exchange for a discount!), offer financial or personal information, or download anything from a website (including apps!) unless you have taken significant measures to ensure its safety and authenticity.

Be Careful When Using Public Wi-Fi and Shared Computers for Shopping

You may be out and about a lot this time of year, whether shopping around town or traveling afar. While public Wi-Fi, like networks found in coffee shops, airports, and hotels, is safer than it used to be, thanks to individual websites being able to encrypt your data (the “lock” icon), it still carries some major risks. Additionally, as the Federal Trade Commission (FTC) points out if the network requires you to install a digital certificate to access it, it not only serves to protect the network from users (its intended purposes) but “also allows them to read your traffic, even if it’s to a site using https.” And using a shared computer can leave you vulnerable to similar security issues, assuming the computer isn’t infected with spyware, which can track your every keystroke, picking up personal information and passwords along the way.
So how do you stay safe when using shared networks and devices? Here are some simple things you can do:
  • You can trust “https” websites to some extent, but remember that hackers can make an https site, too—this designation alone isn’t foolproof. Stick to trusted sites as your best bet when visiting websites on public networks.
  • If using a shared device, be sure to sign out of any websites before logging out completely, decline if you are asked to save your password or credit card information, and avoid logging into financial websites or other sites that hold exceptionally sensitive information.
  • Just avoid it. Shared devices should only be used if no alternative is available and used with extreme caution. As for public Wi-Fi, it’s better to use your own mobile data if possible. Mobile data is usually encrypted, using your phone or a hotspot through your phone is more secure than public Wi-Fi. Additionally, turn off the “auto connect” setting that allows your device to automatically join nearby Wi-Fi networks—this way, you can be sure you are only ever connected to networks that you chose because you trust them.

Read Seller Reviews

When shopping at online marketplaces with individual sellers, including sites like eBay, Amazon, and Etsy, you may not be able to simply trust the authenticity of the sites. These marketplaces rely largely on user reviews to guide purchases, and it’s important to use reviews as a tool to form your own decisions about what to buy. 
The nice thing about purchasing through reputable online marketplaces where the overarching website manages the financial transaction is that you, as a buyer, are usually protected if the item doesn’t arrive, is of poor quality, or doesn’t match the listed description—and you are also protected from financial fraud, too. But sellers may dispute returns, and the hassle of returning a product or filing a claim for a lost item can throw a wrench in your holiday plans and gift-giving timeline. 
Prior to purchases, scrutinize reviews of both the item and the seller:
  • Look at the star ratings. There should be a good mix of ratings, with the bulk falling in the upper ranges. The more ratings, the more likely the product or seller is legitimate. Avoid purchasing something with few or no ratings.
  • In addition to checking out that star rating, it’s vital to read the reviews. If the website allows you to filter them, start with the one and two-star ones—these are more likely to be real and offer useful information.
  • Watch out for fake reviews. As WIRED points out, “unscrupulous or desperate sellers pay for glowing reviews, and some offer gift cards or free products in exchange for five-star ratings.” How do you know if the bulk of good reviews are genuine? Reviews that are “too positive” can be a dead giveaway. Additionally, more legitimate reviewers will admit that they received a kickback in exchange for a positive review—look out for these, knowing that this is a practice the seller employs. Other giveaways may include too many five-star reviews, positive ratings lacking specific details, and poor grammar.
  • Be extra wary of exceptional deals. As the saying goes, if it sounds too good to be true, it probably is. Even if the price is good, see how well it stacks up to similar products from other retailers.
  • Only pay for goods through the marketplace. Do not pay sellers directly or make payments outside the host market’s integrated payment system.  

Use Strong and Secure Passwords

Many—but not all—online retailers will require that you create an account. If you have the option of tying the new account into an existing one, like Google, that is usually the more secure option. If you don’t plan on shopping at a site frequently, you may decide to check out as a guest. However, if you are required to create an entirely new account, here are some things to keep in mind:
  • Use strong passwords. Good passwords are unique and complex, using a variety of upper and lowercase characters, symbols, and numbers.
  • Do not reuse passwords from previous sites, even though it’s tempting. If you are worried you will forget a password, your device will likely offer to save it, and keep in mind that most websites provide options for resetting yours through your email account (which should also have a secure and unique password).
  • Use a password manager to generate and store secure passwords. Your device likely comes with one—use it! It will not only create exceptionally hack-proof passwords, but it will keep them for you, using multi-factor authentication (MFA) or two-factor authentication (2FA) to verify your identity before login. 
  • Use MFA/2FA. If given the option for websites (as well as credit cards), always enable this function. As mentioned above, this will require you to utilize an additional method of identification above a password to ensure that you and you alone can authorize purchases. 

Watch out for Phishing Emails and Other Scams

This time of year is a prime time for email scams. Cybercriminals take advantage of three major consumer vulnerabilities during the holidays: increased online activity (particularly related to shopping), the desire to save money on holiday purchases, and the overall busyness of the season. 
With phishing, scammers will use email (or sometimes text, social media messages and phone calls) that appear to come from legitimate companies. Typically, you will be asked to log into your account to verify the account or personal information or be required to respond to an urgent issue relating to your account. However, during the holidays, scams may be more tailored: you may be offered a special deal or required to address an issue with an order, requiring you to click on a link to log into your account or download an attachment (for instance, a “coupon”). Lastly, Gift Card Scams, where you will be asked to purchase gift cards from Amazon or other retailers to pay for a purchase instead of using usual payment methods. The result of responding to any of these scams can be any of the following:
  • You give away your login credentials for the actual company site (for instance, Amazon).
  • You download malware to your computer or phone.
  • You give away personal information that allows cybercriminals to open new accounts in your name.
  • You give away financial information like credit card numbers that allows scammers to make fraudulent charges to your account.
To avoid getting scammed this holiday season, take the following precautions before engaging with an unsolicited email or offer, regardless of who it appears to come from:
  • Never download attachments from emails. Go straight to the website or an official app store for necessary downloads.
  • Hover over links and check the URL for validity before clicking. Better yet, type the known web address directly into the browser bar (or open the official app) and log into your account this way.
  • To safely respond to urgent requests, contact the company or financial institution directly through their official website (see above) or by calling a verified number. And keep in mind most retailers and financial institutions will never email you and request personal information.
  • Look out for signs that an email/message is illegitimate: poor grammar, cheap graphics, urgent requests, and email addresses that don’t come from an official company address (for example, “” or “”). 

Shop with a Secure Credit Card or Debit Card

Even if you take extraordinary precautions, things outside of your control can cost you financial loss. Businesses can go under, packages and orders can get lost, or your data stored at a secure website could still be exposed to a breach. To protect yourself from financial losses, it’s important to use methods of payment that come with consumer protections. Credit cards are often the go-to choice, as federal regulation caps your liability on these purchases at $50. However, many credit cards, including our Personal Credit Cards at First National Bank and Trust, offer something even more robust: Zero Fraud Liability.
If you can’t use a credit card for purchases or prefer to limit your spending to money you have in hand, a debit card is your next best choice. Online purchases are protected through the Electronic Fund Transfer Act (AKA, “Regulation E”), and your liability is limited as long as you report the fraud within two days. But more and more debit cards are offering Zero Fraud Liability, among other perks, similar to credit cards. Our Debit Mastercard® not only offers great rewards and the ability to disable it instantly through our convenient app, but it also comes with the same Zero Liability Protection.
Whether you use a credit or debit card, it’s important to utilize other safety features like fraud notifications and multi-factor authentication, keep your cards and card information safe and report any suspicious activity immediately. 

Keep Track of Your Purchases

Monitoring your credit and debit card transactions is essential to fully protect yourself this holiday season. Not only will it allow you to report fraudulent purchases immediately so that you can take full advantage of consumer protections, but it will also save you the headache of disputing further charges if you catch the activity early on. And it’s a great way to help you stick to your budget. 

Credit and debit card transaction records available through your card or bank’s online portals, and apps make monitoring your purchases exceptionally easy—just one of the many benefits of online banking. There may be additional optional features that alert you of transactions via text message or require you to approve purchases through a second level of authentication (for instance, a message sent to your affiliated phone number) ---speak to someone at your financial institution to find out if your card has these options.
While it’s always good to scrutinize your monthly statements, during this time of year, it’s helpful to review them even more regularly as you try to keep your spending at an affordable level, and your number of transactions may increase significantly. Even taking a peek once a week can prevent many potential issues down the road!

Make Smart Financial Decisions this Holiday Season with First National Bank and Trust

Since 1882 First National Bank and Trust has strived to provide our customers with Sound Advice. More than just a catchy motto, it’s who we are and what we promise every day. From advice to help you safely through the end-of-year shopping season to products and tools to help you protect your finances from fraudulent activity. 
Open a Zero Liability Personal Credit Card with us today to protect those holiday purchases, or stop in one of our many regional locations in Beloit, Clinton, Darien, Delavan, Elkhorn, Janesville, Argyle, Rockton, Roscoe, Walworth, Williams Bay, and Winnebago today to see what we can do for you this holiday season.