Skip to main
University-wide Navigation
online holiday shopping

In 2022, consumers reported losing $8.8 billion to fraud, according to the Federal Trade Commission. The second most common type of fraud consumers reported losing money to: online shopping scams.  

Maybe you’ve already decided to simplify gift giving this year by sending cash or giving to a nonprofit. But before deciding where to spend or send your money, know it is also prime time for online scammers to take advantage of the holiday rush. 

The good news is it’s possible to shop safely online. By spending a few minutes taking additional cybersecurity precautions, you’ll avoid falling into some of the most common online traps set by cyber criminals.  

Jennifer Edwards, a member of the enterprise cybersecurity team at the University, says using proactive caution goes a long way.  

“The holiday rush often tempts individuals to let their guard down, making them susceptible to phishing emails, fake websites and counterfeit products,” Edwards said. “Everyone can take simple steps like verifying the legitimacy of websites before making purchases or donations, looking for secure payment methods and fortifying your online accounts by enabling multifactor authentication on all your devices."

To help avoid online shopping and fundraising scams, follow these tips from University of Kentucky Information Technology Services (UK ITS).  

  • Double check usernames before sending cash. Many online peer-to-peer (P2P) payment apps offer user QR codes. Ask the recipient for their personal QR code. It’s difficult to recoup cash sent to the wrong user. Aside from logging into your account, P2P apps will never ask you for your account information in the form of an email or text.  

  • Enable multifactor authentication. Make sure to enable multifactor authentication (MFA) on your P2P app. This additional secure step allows you to input a unique code, sent as a text or email, or facial scan, when using your app of choice to send money. Everything from your social media profile to your bank account has the option to enable MFA—sometimes called 2-step verification.  

  • Beware of charity fraud. Whether donating to a local or national nonprofit, research the organization before sending money. Look for https on the nonprofit’s website—this indicates that the website is secure and encrypts your personal information. The Federal Trade Commission recommends searching for nonprofits on these websites:  

  • Ignore phony package delivery services texts. Have you received a text message from UPS, FedEx or USPS notifying you of a missed delivery lately? These messages are forms of phishing scams, which attempt to capture your personal and financial information. Do not click on links in these text messages. Delete and report these types of texts.  

  • Watch out for outrageous deals and shopping on unfamiliar websites. Although online deal hunting may be tough to resist, don’t fall for deals that sound too good to be true. For example, if a seller advertises discounted gift cards, it’s likely a scam.  

  • Avoid shopping on unfamiliar websites. Stick to familiar websites when shopping, and again, look for “https” when you’re browsing for gifts online.  

  • Don’t shop using public Wi-Fi. Public Wi-Fi is not secure and is vulnerable to cybersecurity breaches. Online scammers target public Wi-Fi because of its lack of security.  

  • Use credit cards for online purchases. Credit cards offer more protection – making it easier to recover funds – than a traditional debit card.  

Taking these recommended steps can help you have a safer online holiday shopping experience while also strengthening your cybersecurity habits year-round.  

Follow UK ITS on social media for more cybersecurity tips.