The holidays are officially upon us: the crisp winter air sweeping across rosy cheeks, toasty mugs of hot cocoa warming already numbed fingers, glowing Christmas lights dancing across each falling snowflake. A joyous time is to be had by all, but with your conventional holiday activities comes more capricious personal expenditures and extremely volatile budgets for decorations, food, and gifts galore. While this time is meant to be a merry and festive one, it’s also important to understand just who you’re opening your checkbook for and where you might be leaving yourself vulnerable.

Check out our guide below to ensuring you’re protected for the holidays!


Purchase only from secure websites

Always check to make sure that the websites you’re purchasing from are verified and secure. To do so, check to make sure a lock emblem capture1 precedes or an ‘s’ meaning ‘secure’ capture2 follows your standard http:// URL.

If there appears to be an Error message or a lock emblem with an ‘X’ marked across, the site is unprotected and should be avoided.

It’s best to only do your online shopping on websites that you’re familiar with and are 100% verifiable retailers. Using shopping websites like Amazon, Jet and, eBay are good places to start if you’re unsure where you can find specific items.

Scammers often mock up websites that closely resemble actual retail sites, so you need to always double-check the URL before making a purchase. Alnd make sure never to access a retail site from an email that you’ve received as scammers have been known to insert fake website links into what appears to be a verified email; type in the intended URL to know that you’re visiting the real website.


Use caution when checking your email messages

Use caution when checking your email messages

It’s important to make sure that you’re monitoring the messages inside your email accounts on a daily basis. Scammers and hackers often use email as a seemingly harmless device to implant malware on a user’s computer, or to deceive the user into clicking on a malicious email link.

Often times, a hacker will devise a plan to get the user to click on what appears to be an email from a verifiable source. The email sender name, and the contents of the email itself, will closely resemble that of an official retailer or business. The link inside the email, once clicked, will either insert a piece of malware onto the user’s computer, covertly stealing data over time, or will direct the user to a fraudulent website that, again, appears to be legitimate.

Once your data is stolen, it’s only a matter of time until you feel the effects of identity theft. Your personal data may also be sold to other black market parties.

We advise that you only click on emails that you’re absolutely positive are from legitimate sources.


Monitor your bank and credit card statements regularly

Monitor your bank and credit card statements regularly

Most people spend more money during the holidays than any other time of year. This means that you’ll need to constantly monitor and manage your bank and credit card accounts.

Credit card fraud has become somewhat commonplace in this day & age, which means during the holidays, you’ll want to take extra care of your accounts. Check your daily balances and double-check each individual purchase to ensure that you did in fact make the purchase.

If someone else is accessing your bank or credit card information, they’ll often either spend an outrageous amount the second they get their hands on the account or they’ll spend a modest amount that may go unnoticed. Obviously the former would be rather easy to spot on a bank or credit card statement, but it’s the latter that is often times scarier.

Let’s say a scammer made a purchase no greater than 10 dollars at a convenient store or restaurant; this purchase may very well go unnoticed, if you’re not thoroughly checking your accounts on a regular basis. Over time, they may rack up thousands of dollars of purchases without you knowing, all-the-while, you’re paying each and every one of their purchases without ever knowing.

We advise you go over both your bank and credit card statements with a fine-tooth comb.


EMV chip being used for purchase

The EMV chip is much more secure than the magnetic stripe

When shopping in stores, always try to use cash before pulling out your credit card. There are many reasons for using cash over card, but it inevitably comes down to the single possibility that a data breach threatens to expose the information on your credit card. To put it simply, cash cannot be traced and a credit card can.

Now, if you happen to be out shopping and you don’t have cash on you, make sure to shop with your EMV-chipped credit cards. These are your cards that must be inserted into the card reader rather than giving you the ability to swipe. Certain stores still do not have EMV chip-card readers, so if you’re shopping with a card, it’s suggested that you use cash at these stores or find your items at a store that does have an EMV chip-card reader.

The EMV chip inside of the card has been known to better encrypt your information compared to the credit card stripe found on the back of the credit card… always use the EMV chip whenever you can.


Change your password routinely

Change your password routinely

During the holidays, it’s important to monitor all of your digital accounts — online bank accounts, digital store accounts, and all email accounts. You’ll want to monitor each of these vigilantly because of the significant spike in the number scams, hacks, and data breaches that occur around the holidays.

Continually changing both your passwords and security questions will keep your accounts better protected. It’s a tedious, but necessary process for better improving the security on each of your respective accounts.

This should be done on a regular basis throughout the year, but is an especially important step to take during the busiest shopping season of the year.

We advise that your passwords be longer than eight characters and contain at least one special character, capital letter, and number. Also, try not to create passwords that can be easily hacked (e.g., street name / address, birthday month / date, typical letter / number combinations like abc123).

Written by Peter J. Schaub

President & CEO, NeoCertified