Carnegie Mellon University

Protect your identity and accounts this holiday season.

November 19, 2018

Special Delivery: Safe and Secure Online Shopping

The year’s biggest online shopping season has begun!

The United States National Retail Federation estimates that e-commerce sales in November and December 2018 will top $120 billion, 15 per cent more than in 2017. More sales can translate into more bargains for shoppers but, unfortunately, greater opportunities for scammers to try to defraud you and your online account. Protect yourself from becoming a target. Follow these guidelines to keep your accounts and devices safe and secure not only during the holiday shopping season, but every day.

  • Keep the Operating Systems and apps up to date on your web-connected devices, to help ensure that you have the highest level of security available.
  • Protect your personal data, especially credit card and banking information. Never send details in an email. If you enter them online, confirm that the website URL begins with https, which indicates that the site should be secure. And, don't forget, never provide your Social Security number when shopping online.
  • Buy only from trusted sellers and vendors. Be especially cautious of third parties selling through reputable websites.
  • Never give personal information over the phone to someone who has called you. Ask for the person's name and company, then call back at the company's published phone number.
  • Create a strong password — and a different one for every online account. Never use your Andrew ID password with a non-Carnegie Mellon University account. If possible, use dual authentication (2fa) to log in to your online accounts. If you don’t want to be bothered remembering your passwords, use a password manager.
  • Think before you click! If an offer sounds too good to be true, it probably is. And, use caution before clicking on a pop-up. It could be malware in disguise.
  • Use caution when opening an unsolicited email. It may be a phishing attempt: an internet scam designed to trick you into providing confidential information or opening an attachment that may damage your device. Follow the Information Security Office recommendations to avoid falling victim to such an attack.
  • Shop with a credit card, if feasible. If compromised, a credit card gives you more protection, and leaves you less vulnerable financially, than a debit or prepaid card.
  • Sign up for account alerts that notify you when someone makes a large purchase with your credit card or makes a purchase without your card being present.
  • Monitor your bank and credit card statements regularly, so you can catch fraudulent charges quickly.

Visit the Federal Trade Commission website for more information about how you can protect yourself online and have a safe shopping experience.