10 holiday online shopping security tips from a CU Denver expert

December 1, 2014
Photo: Internet mouse computer broadband (iStock)

Cyber Monday may be over, but the holiday shopping season has only just begun for many consumers.

According to USA Today's interview with IBM Smarter commerce, retailers are keeping some inventory and working on promotions to entice consumers to shop all week long.

University of Colorado Denver cyber security expert Jason Lewis said that during the holiday season, there may be an uptick in schemes to acquire personal information from online shoppers. To protect yourself online, Lewis has a list of ten security tips to follow:

  • Remember: If it seems too good to be true, it probably is.
  • Ensure that you don’t become a victim of a phishing scam: go to the correct website (watch for typos) and be sure that the link in your email is legitimate.
  • Know your store/seller. Research the store if it is not one of the large national chains.  Ensure it is legitimate before you make a purchase. Consider checking the Better Business Bureau.
  • Use a credit card, not a debit card: credit cards offer more protections, plus if your debit card is compromised it can be a lot of work to clear up (your bank account might be frozen or have all of its funds depleted).
  • Many credit card companies offer a one-time credit card number to use online.  Consider using this feature.
  • Designate one credit card for all on-line purchases, if compromised, it's the same card.
  • Always sign up for 2-factor authentication with online sites, and especially banking.
  • When creating a new account on the sellers’ site don’t use the same password you use for your email and banks. That way if the store is “hacked” the hacker won’t get your passwords.
  • Don’t use public browsers to make your purchase.
  • Keep Antivirus software up to date and scan for malware before/after major purchases.

But if consumers had to follow only one of his tips, Lewis said they should not believe deals that look too good to be true.

"Realistically, a legitimate business can't offer you much of a discount over what Amazon, Walmart, Home Depot, can offer you. So if it's substantially cheaper than what one of the traditional retailers is offering, it should raise some red flags," Lewis said.

Many consumers also use the same user names and passwords for shopping as for their banking and email, which causes problems if they are compromised, according to Lewis.

Hazel Heckers, the Colorado Bureau of Investigation's victim advocate, told "Colorado Matters" in October that about one in four Coloradans might be a victim of identity theft.

"The cost is anywhere from a few hours of their time to days and weeks and thousands of dollars if it is a more serious identity theft," she said.

This October, the federal government increased efforts to protect online consumers. President Obama signed a consumer financial protection Executive Order intended to increase government investment in technologies that increase the financial protections online.