Common Ways Fraudsters Target Online Shoppers

Shopping for the perfect holiday gifts from your smartphone and having them delivered right to your door couldn’t be more convenient, but online shopping also comes with some risks.

According to the Cybersecurity and Infrastructure Security Agency (CISA), scammers take advantage of online shoppers in three main ways:

1. Creating Fraudulent Shopping Sites and Email Messages

Imagine you receive an email promising incredible deals on brand-name or hard-to-find items. Or you’re looking for a specific gift and can only find it in an online store you’ve never heard of before. 

While these scenarios could be legitimate, there’s a chance you’ve encountered a fraudulent site or email message created to collect sensitive personal and financial information. This might mean paying for an item you’ll never receive, or worse, setting yourself up for identity theft and financial fraud. 

During the holidays, these emails and sites may also claim to be connected to charities seeking “donations.” Depending on the cybercriminal creator’s level of expertise, these emails and sites may look obviously shady or completely legitimate.

2. Intercepting Information from Non-Secure Transactions

Encryption is essential for online shopping. This cybersecurity measure scrambles plain text so it can be read only by a user with a special code. If a legitimate seller or store does not use encryption, a cybercriminal could intercept your personal or financial information as it’s transmitted. 

Tip: Look for “https” at the start of a site’s address. If you don’t see the “s” and only see “http,” the site is not encrypted.

3. Targeting Your Device’s Vulnerabilities

Without antivirus and anti-malware protections, cybercriminals may be able to access your computer, tablet, or smartphone and all the sensitive information stored on it. Stores and sellers should protect their computers to prevent these fraudsters from accessing their customer databases.

How Can You Protect Yourself?

While some risk is always associated with online shopping, you can use 11 simple strategies to keep yourself safe:

  • Shop with online retailers you already know and trust.
  • Be cautious of marketplace sellers or new stores that contact you directly via email.
  • Make sure you see the “https” at the start of a store or seller’s URL.
  • Always insist on using safer payment options like major credit cards or PayPal.
  • If using an app to shop, make sure it’s the official one associated with the store (Amazon, Target, etc.)
  • Keep up with news about data breaches and monitor your accounts regularly.
  • Secure your devices with antivirus and anti-malware software.
  • Avoid conducting sensitive transactions on public networks.
  • Think twice before storing your credit card details on your device or with a merchant.
  • Create strong passwords to protect your accounts.
  • Consider identity theft protection.
Back to Advice Center