E-commerce growth is expected to grow by 9.4% by 2024; by 2027, it’s forecasted to hit a whopping $8 trillion for the first time.

More people shopping online means more opportunities for cyber criminals to strike. In fact, there’s a growing trend of cyber scams taking place during the holiday shopping spree.

As we all get busy with our holiday shopping and preparations, keeping security in mind is essential.

Ensure your personal and professional information are safe to guarantee a stress-free holiday season.

Here is an overview of cyber attacks during the holidays and a few tips to help you stay safe online:

Why do hackers choose holidays to attack?

While cyber attacks can happen any time of year, they tend to increase during the holidays. We’ve seen a 200% spike in cyber attacks on e-commerce sites approaching the holiday season, with Amazon as the top target.

There are a few reasons hackers choose the holidays to attack unsuspecting victims.

First, people are generally more relaxed or in a shopping rush and are less vigilant during the holidays. They’re also more likely to use their personal devices for work tasks, or vice versa, potentially leaving even more sensitive information vulnerable to cyber criminals and their scams.

Ransomware attacks, for example, become more prevalent during this shopping season, increasing by 30% compared to regular months.

Another reason why cyber attacks increase during the holidays is that there are simply more people online. More people mean more potential targets—and more opportunities for cyber criminals to find a way in.

11 Cyber Security Tips for the Holidays

Benjamin Franklin once said, “An ounce of prevention is worth a pound of cure.”

A big part of cyber security is being prepared for any attack. Here are several tips that can mean the difference between your information staying safe and your data getting compromised:

1. Avoid public Wi-Fi

Because public Wi-Fi doesn’t require any authentication, anyone can access it, including cyber criminals. They can put themselves between you and the connection point. This way, they get access to the data you’re sending into the hotspot.

When using public Wi-Fi, avoid those without password protection, as they’re the least secure. If you have to use public Wi-Fi, activate a Virtual Private Network (VPN) for that extra layer of protection, as it hides your IP address and activities.

We also advise against using public computers when shopping online, booking plane tickets, transacting with your card, or logging into your personal accounts.

2. Beware of phishing scams

Phishing scams are often used to target holiday shoppers. Be aware of the signs of a phishing scam, such as urgent asks and unusual attachments.

Research shows that bad actors start 80-95% of cyber attacks with phishing.

The most common phishing scam during the holiday shopping season is the shipping email scam. If you ever receive an email that appears to come from a shopping company, don’t open the attached file or link. It’s likely malware.

3. Don’t click on links in emails or answer calls from banks

In 2022, 56.5% of all emails were spam, accounting for 122.33 billion messages sent globally per day.

Cyber criminals often send out fake emails or text messages with links that lead to malicious websites. Don’t click on links if you receive an email or text message from an unknown sender.

If you receive an email that you find suspicious, whether because of the sender or the content, use your email provider’s report feature to flag the email. Do this before interacting with the contents of the email.

Social engineering scams are also common during the holiday season. Most attackers will pose as representatives of your bank or credit card company and call you to report a transaction on your card.

When this happens, don’t engage in the conversation immediately. Instead, hang up and call the number on the back of your card to make sure you’re speaking with a legitimate bank representative.

4. Use a credit card

When making purchases online, whether shopping or booking a flight, it’s better to use a credit card rather than a debit card.

If your credit card information is stolen as part of a data breach, you can simply cancel the card and get a new one. You will not be liable for any fraudulent charges, nor will the hacker get direct access to your account.

When signing up for a credit card, we recommend choosing one zero-liability protection, so you don’t become held responsible for any unauthorized access.

Debit cards don’t offer this same level of protection. If your debit card information is stolen, hackers could quickly empty your bank account. If they accomplish this, getting the money back into your account can be challenging.

5. Use a secure digital wallet

If you’re using a digital wallet to store your card information, ensure the service provider has security measures in place.

While the service in itself reduces the risk of keystroke logging or phishing, opt for digital wallet providers with extra security features like tokenization or biometric authentication. Some examples of these include Apple Pay, Google Pay, and Samsung Pay.

6. Review your credit card statements

When shopping online or booking hotels, flights, and activities for travel during the holidays, make it a habit to review your credit card statements regularly. This will allow you to spot discrepancies and unusual or unauthorized charges quickly.

Should you find any, report them immediately. It’s also recommended that you set up notifications to inform you of any transactions or changes to your bank accounts.

It’s also worth mentioning that you should avoid throwing away papers, receipts, invoices, etc., that contain your credit card information and personal data. Shred or burn confidential documents to prevent identity thieves from accessing them in the trash.

7. Keep your software up to date

One of the best ways to protect yourself from cyber attacks is to keep your software current. This includes your operating system, web browser, and other software you use regularly.

Updating your software can seem like a chore, but it’s vital to patch any security vulnerabilities that cyber criminals may have discovered. Attackers are constantly looking for new ways to exploit systems, and software updates will help to keep them at bay.

8. Use strong passwords

In its 2023 Data Breach Investigations Report, Verizon revealed that 81% of breaches used stolen or weak passwords.

Using strong passwords is one of the most important things you can do to protect your online accounts. Avoid using easily guessed words or phrases like “12345” or “abcdef.” Most accounts now recommend a combination of letters, numbers, and symbols to make a stronger password, so take advantage of those.

Try to use a different password for each of your online accounts so that a hack in one doesn’t affect the others.

9. Be careful what you share online

Limit the personal information you share on social media and other websites, as cyber criminals can gain access to your personal information by simply looking at what you’ve shared online.

Avoid saving your card details on the Internet. Unless you are signing up for an automated payment service, entering your credit card information manually for every transaction is good practice. While it seems tedious, it helps minimize the chances of unauthorized access.

10. Shop on familiar and safe websites

Bookmark your favorite shopping sites to get there quickly and safely. As much as possible, avoid typing the name of the website in the URL bar. This will prevent you from typos that could take you to a fake site that looks identical to the real site.

11. Trust Your Gut

If you question the site’s trustworthiness, move on. Take any doubt as a sign that you should not make any transactions on the site. Remember, if an offer looks too good to be true, it probably is.

Cyber Security Protection During the Holiday Shopping Spree

During the rush of the holiday season, be extra vigilant when shopping, booking travel plans, sharing information, or interacting with friends and family online. With these tips, you can better protect yourself and observe cyber secure holidays with peace of mind.


Don’t let a cyber attack ruin your holidays

Protect yourself, starting with awareness of the common cyber attacks and trends in the retail industry. Read more in this new cyber security in retail eBook.