Skip to main content

Safe Cyber Shopping

Be a cybersmart shopper.

Black Friday and Cyber Monday are when most spam, phishing attacks, scams and other malicious campaigns occur. Following these tips to be a cybersmart shopper during the holiday season and throughout the rest of the year. And remember, NEVER use your WVU email address or your WVU credentials for personal shopping!

Lock down your Login.

Usernames and passwords are not enough to protect key accounts like banking and email. Fortify these accounts by enabling two-step authentication . Use unique passwords that are at least 12 characters long and include numbers, symbols, and capital letters. Having a separate password for every account is the best way to thwart cybercriminals, but at a minimum, separate work and personal accounts making sure that critical accounts have the strongest passwords.

Limit what you do on public Wi-Fi.

Free, public wi-fi is inherently not safe. Limit the type of business you conduct over open public wireless connections, especially email and banking. Secure your mobile device so if you lose it, no one can use it.

Shop secure websites.

Look for the green padlock icon and https:// in the URL before using your credit card online. The "s" means the site is security enabled. Use sites for retailers you trust. Read reviews and see if other customers have had positive or negative experiences with sites that are new to you.

Keep a clean machine.

Ensure that all your web-connected devices (PC, mobile phone, and/or tablets) are free from malware and infections by running only the most current versions of software and apps. WVU provides FREE anti-virus for up to three devices at:

Use safe payment options.

Credit cards are generally the safest payment option and offer protections that debit cards do not. Use one credit card for online purchases and keep track of the activity on it. NEVER give your credit card information to anyone via email or save to your hard drive. Value and protect your personal information. Be alert to the information being collected to process your transaction and only complete required fields at checkout. If you are being asked to provide unnecessary information, abandon your purchase .

When in doubt, throw it out.

Be skeptical with suspicious-looking emails, even those claiming to come from a specific company or shipping service. Indicators of a phishing attempt include threats for failure to act; a suspicious-looking email address; pleas for money; and misspellings/poor grammar. Links in emails, posts and texts are often how cybercriminals try to steal information or infect devices. Avoid clicking on email attachments because they could contain malware. When tracking shipping statuses, make sure the site you land on matches the shipping company’s name. Watch for small changes in spelling that could signal the site is fake. 

Read privacy agreements.

If you don’t want to increase the chances of your information being accessed online, keep an eye out for websites that sell your information to third parties. Carefully review all privacy agreements and decide for yourself whether you’re willing to click “Agree.”

To avoid having to read hundreds or sometimes thousands of pages of Terms and Conditions or Privacy Policies for the sites you use, visit and search for the site. TOSDR shortens the terms and conditions agreements and privacy policies for popular websites so that you can understand, in plain English, what you are legally bound to when using the website.