01. Change your passwords

One or more of your accounts and their passwords might already have been leaked in a data breach without being exploited yet. Threat actors may be waiting for the shopping season to come around in hopes that you will not notice them using your accounts or card details to do the things they do. It is generally advised that you change your passwords regularly, but most of us don’t, since we have so many, and keeping them up to date regularly would be a truly laborious and frustrating task.

2. Be careful of which websites you shop from

Using your credit card details on an insecure or fake malicious website is the quickest way to get robbed. With the advent of dropshipping in recent years, everyone and anyone can now have an online shop. What’s shocking is that a lot of online shops these days tend to have a very short lifecycle, with the aim of making a few quick bucks with little regard to quality of service, and then close shop until their next rebrand. Even if they are not a scam website, who’s to say their website processes your personal information securely? If you have to order online, make sure that you order from trusted well-known websites. Word of mouth works best, because people’s direct experiences and reviews are the gold standard of trustworthiness. If you are not sure whether a website is secure or not, but you are still willing to try, you can always create a virtual debit card with just enough money in it to buy what you want.

3. Never shop over a public WiFi

Most of us in 2021 spend more time using our smartphone rather than our computer for our social media consumption and shopping. Since using WiFi is an inevitability, public WiFi is something you want to avoid when inputting your personal data and bank account details to make a purchase online. This is because WiFi enables Man-In-The-Middle attacks that are much easier to accomplish when your device is connected to a WiFi network of which you’re not in control. This kind of cyberattack allows threat actors to eavesdrop on your communications, and this gives them the capability to discern your bank details, which they can then use for whatever purpose they see fit. If you have to use a public WiFi, at least make sure you use a trusted VPN service that encrypts all your communication end to end, this way rendering Man-In-The-Middle attacks irrelevant.

4. Be careful which emails you open

Most cyberattacks are initiated by phishing, which refers to email messages containing malicious links and/or attachments. You must be aware that cybercriminals wanting to deceive you into falling for their phishing scams will want to seduce you with hard-to-resist subject lines or too-good-to-be-true offers. Be extra sceptical of unsolicited emails containing offers. If the email is from an unknown sender, delete it right away. If you are unsure, and you want to check out the offer, you can always visit their website directly instead of clicking on any link contained within the email. This way you reduce the probability of you falling victim to a phishing attack.

5. Be careful which links you click on

Links are not always disseminated via email. You may get a suspiciously long link via a friend’s hacked social media account, click on it, and before you know it, your device is infected with who knows what. You can potentially find malicious links through social media posts, SMS, websites and even web advertisements, designed to grasp your attention and dazzle you. If a link looks too long, too unfamiliar or just too weird, do not click on it. Better safe than sorry.