Many Canadians have traded shopping malls for online checkouts when purchasing gifts for friends and family during the holidays, but the practice is not without risks.

According to the Canadian Anti-Fraud Centre, the pandemic “has created an environment that is ripe for fraud and online criminal activity,” with fraud related to online purchasing totalling more than $21 million in reported losses last year.

Here are some tips to protect yourself while holiday shopping online.


Experts stress that people should limit their purchases to trusted web retailers.

Cybersecurity firm ESET says people should go straight to store websites, rather than follow email links or texts about deals. The firm advises that people read customer reviews and be wary if a website only has positive reviews, as this could be a clue that they are fake.

The Canadian Centre for Cyber Security says shoppers should look for red flags like overcomplicated payment processes, poorly designed websites, typos in web pages and URLs and stores that are missing key information and security elements. For example, a missing or open lock symbol next to a website’s URL suggests its data is not secure.

People should be on the lookout for SSL Certification, says cyber safety company Norton. This can be verified by looking for the lock symbol or an “S” added to the “http://” at the beginning of a URL. This is particularly on webpages where payment information would be entered.


If possible, ESET says people should use secure payment options like PayPal, Google Pay or Apple Pay because these options aren’t linked to personal information.

The firm also recommends people opt to check out as guests instead of creating accounts with retailers. It’s also advised that you do not save payment information with individual websites, so your data will not be compromised in the event of a data breach at the company.

A list of tips from federal cybersecurity agencies advises that people make purchases while using personal Wi-Fi networks, cellular data or a virtual private network (VPN). Public Wi-Fi should be avoided when online shopping.

Norton says people should use strong passwords and not repeat them for multiple websites, and advises keeping browsers updated to the latest version to ensure security features are up-to-date.


Texts and emails advertising about holiday deals can turn out to be phishing attempts aimed at capturing personal information, Norton says. People should be wary about such advertisements and avoid clicking links from unknown sources.