The CISO's Desk (November 2023)

Holiday Shopping

Once again, the holidays are upon us. Many of you will likely shop for gifts for family and friends online. Online shopping can be a convenient way to buy gifts, but it also comes with risks. Here are some things to remember to shop safely and securely online:

  • Use a trusted website: Ensure the website you order from has a secure connection (look for a padlock icon or HTTPS in the address bar) and a clear privacy policy. Avoid clicking on emails or social media links, which may lead you to fake sites trying to steal your personal or financial information.
  • Compare prices and reviews: Before you make a purchase, do some research and compare prices and reviews from different sellers. You can use a variety of online tools from trusted sources to find the best deals and ratings. Be wary of offers that seem too good to be true; they may be scams or counterfeit products.
  • Pay with a credit card or a digital wallet: Credit cards and digital wallets, such as those provided on your cell phone, offer more protection than debit cards or cash in case of fraud or disputes. They also limit your liability if someone uses your card without your permission. Never send money by wire transfer, money order, or gift card to an online seller; these are untraceable and non-refundable.
  • Keep track of your orders and receipts: After you place an order, you should receive a confirmation email with the details of your purchase and the delivery date. Keep this email and any other receipts or invoices for your records. You can also track your order status and delivery progress on the seller's website or app. If you don't receive your order on time, or if it arrives damaged or defective, contact the seller immediately to request a refund or a replacement.
  • Protect your personal and financial information: When you shop online, you will likely be asked to provide your name, address, phone number, email, credit card number, or other sensitive information. Only give this information necessary and relevant for your purchase. Don't share your passwords, PINs, or security codes. Use strong and unique passwords for each online account and change them regularly. You can also use a password manager to store and generate passwords securely. If you are uncomfortable with the requested information, the site may allow you to purchase as a guest without creating an account. This is another option you can use.

Shopping at malls and stores during the holidays can be a fun and festive experience, but it also comes with some risks. Here are a few tips for those who prefer to shop at brick-and-mortar stores and shopping malls.

  • Plan ahead: Check the mall's website for opening hours, parking options, and COVID-19 protocols. Avoid peak times and crowded areas. Make a list of what you want to buy and where to find it.
  • Protect your valuables: Keep your wallet, phone, and keys in a secure place, such as a front pocket or a cross-body bag. Don't leave them unattended or in plain sight. Be aware of your surroundings and report any suspicious activity to mall security.
  • Do not leave purchases visible in your vehicle: Place purchases in the trunk of your vehicle or ensure that they are not visible through the window of your vehicle. This only prompts thieves to break into your vehicle.
  • Move your vehicle if returning to the store/shopping mall: Often, when shopping, especially for the holidays, we purchase more than we can carry around the stores. If you take purchases out to your vehicle, place them in the trunk or otherwise ensure they are not visible and move your vehicle to another part of the lot. This is especially important in shopping malls. Thieves watch shopping mall parking lot activities during the holidays. You could be observed leaving your purchases in your vehicle and returning to the mall. This allows thieves ample time to burglarize your vehicle and abscond with your assets.
  • Have fun and be courteous: Shopping at malls during the holidays can be stressful, but it can also be enjoyable if you have a positive attitude and treat others with kindness. Smile, say thank you, and be patient with other shoppers and staff. Remember that everyone is trying to have a good time and celebrate the season.

Be safe in your shopping experience whether you use cyberspace or prefer walking through the stores. Most importantly, enjoy the holiday season.

Ralph Johnson

State Chief Information Security Officer