U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


  1. Home
  2. About Us
  3. Site Links
  4. Archived
  5. News Archive
  6. Beware of Online Shopping and “Cyber Monday” Scams

Archived Content

In an effort to keep DHS.gov current, the archive contains outdated information that may not reflect current policy or programs.

Beware of Online Shopping and “Cyber Monday” Scams

Release Date: November 27, 2017

The holiday season is upon us, and with it comes celebrations and gift-giving. An increasing number of consumers are conducting their holiday shopping online. You have probably heard of “Cyber Monday,” a marketing term for today, the Monday following Thanksgiving, when online retailers often begin to offer discounts and promotions to shoppers.

While online shopping offers increased convenience, it also provides opportunities for scammers to target consumers through fake websites, phony offers, and malicious apps. Ensure you have a safe and secure holiday shopping experience by following the tips below.

Improve your cyber posture and avoid online shopping scams by:

  • Remembering to hover over hyperlinks and think before you click. A common phishing tactic during the holidays is a phony email saying an order has shipped, with links like “Click here for expected delivery date” or prompts for your login and password to a particular website.
  • Avoiding making purchases over public Wi-Fi. Use your cellular data for financial transactions instead.
  • Using your credit card rather than your debit card for online purchases. Credit cards offer more consumer protections if your card is compromised and will not impact your checking account like a debit card. Continue to monitor your credit card and bank statements regularly to detect any fraudulent activity that might go unnoticed.
  • Choosing encrypted shopping websites for safer transactions. There are two ways to tell if a site uses encryption: a closed padlock icon in the status bar at the bottom of your browser window or at the top of the browser window, or a website address that begins with “https:” rather than just “http:”.
  • Heeding “certificate error” messages. If you receive a notice that says “certificate error,” examine who issued the certificate, ensure the name matches the site you are visiting, and ensure the certificate has not expired.
  • Downloading vetted apps. Never install software outside of your phone’s designated app store, and only use trusted vendor apps when shopping from your phone.
  • Creating strong passwords. Avoid using the same password for your online accounts; otherwise, one compromised account can translate to multiple compromised accounts.

Additional cybersecurity information, resources, and training can be found on the Stop.Think.Connect page.

Last Updated: 02/05/2021
Was this page helpful?
This page was not helpful because the content