JESHOOTS / Pixabay

’Tis the season for online shopping. But while you’re busy searching for the best deals, don’t forget cybercriminals are busy phishing – trying to steal your sensitive data so they can use it to commit fraud, among other things.

Phishing is a technique used by cyber criminals to trick and deceive users in order to steal their sensitive information, such as passwords and credit card numbers. Criminals are able to do this by tricking the user into believing they are on a safe and secure website. These attacks are primarily launched through emails, but have since spread through to social media networks and even mobile devices. Essentially anything that utilizes the internet is subject to phishing attacks.

Many times, the emails will include a link that brings the user to a site that appears to be confidential and safe. However, these sites are merely imitation sites. They offer zero security and are often made to appear almost identical to the real site. Users who are not operating with virus protection and aware of proper security protocols are subject to victimization. Phishing emails make promises of free products, fast ways to make money or free jobs, which can attract a wide variety of people. The holidays see an uptick in these types of attacks, with people utilizing their email to make online purchases or shopping on their mobile devices. The question at hand is – how can we prevent these types of phishing attacks?

Here are a few tips to keep your information safe while shopping online this holiday season:

  1. Learn How to Identify Phishing Emails:

Phishing qualities can be easily recognized right off the bat through an email. They duplicate the image of a real company, include sites that are visually similar to a real business, and promote gifts or the loss of an existing account. They often times will tell the user that their account is going to expire. It is important to cross-check these sites against official sites through research.

  1. Check the Source of Incoming Emails:

Your bank will never ask you to send your password or personal info by email. Never respond to those types of questions – even if the email addresses you by name. If there are any doubts at all, immediately contact your bank.

  1. Beef Up Your Computer’s Security:

Keep your computer protected with a good antivirus to block attacks. Always have the most recent update on your operating system and web browsers. Common sense and good judgement are important to have with internet matters.

  1. Enter Your Sensitive Data In Secure Sites Only:

For a website to be ‘safe’ the address must begin with https:// and your browser should show an icon of a closed lock.

How to Deal with Phishing Scams:

Bettering your abilities to properly identifying a phishing scam is only half the battle. Dealing with those phishing scams so they do not continue to plague your accounts are another battle in and of itself. For starters, immediately delete the email or text message that is asking for your personal data. A legitimate company will never ask for those items over email and certainly not over a text message. Do not reply, click any of the links, or call any phone numbers in the email, just simply delete the email permanently. Phishing scams want to direct you to spoof sites, where your personal information can be obtained even easier.

Where to Report Phishing Emails:

After you have established that an email is a phishing scam and before you delete it, forward it immediately to [email protected], as well as to the company or business that the email is attempting to identify with. You can also report suspicious and harmful emails to [email protected]. The Anti-Phishing Working Group utilizes this information to counter phishing attacks and remove them from the internet for good. If you feel you and your personal data has already been compromised due to a phishing email, you should file a report with the Federal Trade Commission at Also, review the Identity Theft section from the FTC, since unfortunately many phishing attacks lead to identity theft.