November 2018: Shop Safe Online, Even on Black Friday!

min read

Campus Security Awareness Campaign 2018
This post is part of a larger campaign designed to support security professionals and IT communicators as they develop or enhance their security awareness plans. View all 12 monthly blog posts with ready-made content by visiting our security awareness resource page.

In 2016, for the first time ever, shoppers bought more online than in stores. All Internet-connected devices are vulnerable, especially when being used for purchases. Your community members need to be aware of ways to protect themselves as they shop online. Use the following content as a starting point to help your end users shop safely online during the holiday season.

Get the Word Out

Newsletter or Website Content

The holiday season is the perfect time for cybercriminals to take advantage of unsuspecting online shoppers. When you go to the grocery store or local shop, it's habit to grab your reusable bags, lock the car, and make sure you've safely put away your credit card or cash before heading home with the day's purchases. Similar precautions need to be taken when you're shopping online from the comfort of your own home. If you make these simple precautions regular online shopping habits, you'll be protecting your purchases and personal information.

The National Cyber Security Alliance [] recommends following these basic steps so you'll be ready to cybershop safely and securely.

  • Lock down your login. One of the most critical things you can do in preparation for the online shopping season is to fortify your online accounts by enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device. Your usernames and passwords are not enough to protect key accounts like e-mail, banking, and social media.
  • Keep clean machines. Before searching for that perfect gift, be sure that all web-connected devices—including PCs, mobile phones, smartphones, and tablets—are free from malware and infections by running only the most current versions of software and apps.
  • Shop reliable websites online. Use the sites of retailers you trust. If it sounds too good to be true, it probably is!
  • Conduct research. When using a new website for your holiday purchases, read reviews and see if other customers have had a positive or negative experience with the site.
  • Personal information is like money: value it and protect it. When making a purchase online, be alert to the kinds of information being collected to complete the transaction. Make sure you think it is necessary for the vendor to request that information. Remember that you only need to fill out required fields at checkout.
  • Get savvy about Wi-Fi hotspots. If you are out and about, limit the type of business you conduct over open public Wi-Fi connections, including logging in to key accounts, such as e-mail and banking. Adjust the security settings on your device to limit who can access your phone. If you must use open Wi-Fi connections, connect to a virtual private network (VPN) first.
  • Check the address bar. Look for the green lock icon and https:// in the URL before using your credit card online.
Be a Cybersmart Holiday Shopper. Conduct Research, Get Two Steps Ahead, Get Saavy About Wi-Fi Hotspots, When in Doubt Throw it Out, Protect Your Money.
Source: be a cybersmart holiday shopper [] infographic

Figure 1. Use this image to support your message

Social Posts

Note: These are Twitter-ready, meeting the 140-character length restriction.

  • No lock? Don't shop! Stay safe online during holiday shopping season. [] #OnlineSafety #CyberAware
  • Reputable stores show you the green first. Look for the lock icon & HTTPS:// before buying. #SafeShopping #OnlineSafety #CyberAware
  • Free isn't always better. Public Wi-Fi could expose your credit card info to cybercriminals. #SafeShopping #OnlineSafety #CyberAware
  • Does that deal sound too good to be true? It probably is! #ShopSmart & research before you purchase. #OnlineSafety #CyberAware
  • Is your credit secure? Be sure & check your statement often—especially during the holidays! #OnlineSafety #CyberAware

E-Mail Signature

Ask staff members to add a tip to their e-mail signature block and link to your institution's information security page.


Jane Doe

Information Security Office

XYZ College

Shop Safe Online. Learn more. [Link "Learn more." to your institution's information security department page or NCSA's online shopping tips and resources.]

Embed or Share Videos

Better Business Bureau’s 9 Tips for Safe Online Shopping (1:45 min)

Online Shopping Tips | FTC (3:28 min)


Share these resources with end users or use them to inform your awareness strategy.

  • Download and review NCSA's Holiday Shopping backgrounder [] or the SANS security awareness newsletter with tips for shopping online securely.

Brought to you by the Awareness and Training Working Group of the EDUCAUSE Higher Education Information Security Council (HEISC).

© 2018 EDUCAUSE. This EDUCAUSE Review blog is licensed under Creative Commons BY-NC-SA 4.0.