Experts Blog

Bah Humbug! Don’t Let Cybercriminals Steal Your Holiday Joy!
December 8, 2022
Fortalice Solutions
Fortalice Solutions Founder and CEO, Theresa Payton, recently joined the TODAY Show to share the best practices consumers can adopt while online shopping this holiday season. Watch the full interview and find more strategies to protect your identity!

The holiday shopping season is here. This year, holiday shopping is expected to grow nearly 8% from 2021's $889.3 billion in total sales, according to the National Retail Federation (NRF).

Additionally, the NRF also estimates more than 166 million people this year may shop online between Thanksgiving and Cyber Monday, which is nearly 8 million more shoppers than last year!

BUYER BEWARE – FRAUD LIES AHEAD! Cybercriminals and fraudsters have upped their game to trick even the cyber-savviest of Black Friday and Cyber Monday shoppers.

Highlights of This Year’s Top Online Scams

  • Fake domain names that sound like the places you want to shop.
  • Counterfeit and fraud sites that pretend to have hard-to-find merchandise.
  • Text message and email scams pretending to be a vendor, delivery service, or your bank.
  • Gift card scams promising deals on gift cards that are invalid.

Free Tools for Consumers to Avoid Online Scams

First line of defense: Your devices and connection!  

  • Update your devices to the latest operating system and browsers.
  • Update your antivirus and anti-malware protection; a free tool you can try is the Sophos Scan & Clean.
  • Cut and paste links into
  • Don’t shop using free public Wi-Fi.

Research businesses and offers at

Check to see if your emails and passwords have been in past data breaches using free tools such as: Leakpeak or Have I been Pwnd?

Check your privacy, security, and fraud settings on your mobile devices and emails to block known fraudulent emails and phone numbers.

Received a New Gadget as a Gift? Follow These Five Steps.

  1. Take the device out of the box and update it.
  2. Register the product.
  3. Create a guest Wi-Fi network for gadgets.
  4. Change the default password.
  5. Learn how it will stay up to date: will it automatically update itself with the latest privacy and security patches? Try also researching privacy for your gadget via Mozilla’s new report about privacy protection.

What to Do If You Are a Victim or You Spot a Scam

Top 10 Tips to Avoid Online Scams

  1. Look out for fake domain names that look like your favorite shopping places (this is called “typosquatting”).
  2. Try using a privacy forward browser, like Brave.
  3. Never click on a website link in an email. Go directly to shop at websites you trust. If you must click on a link to get a “deal,” try cutting and pasting that link into the "VIRUSTOTAL" tool to see if anyone has reported it as suspicious.
  4. Go old school, and check out the business in person, not just through online reviews! Yes, Yelp, Google reviews, and social media platforms are helpful, but they should never be your only source. Check out reviews, positive and negative, at the Better Business Bureau, as well. Also, consider searching the company’s name in quotes along with the word “scam” to see if there are any known issues.
  5. Know the red flags! Common red flags include messages that say, “Buy now!” or, "Rock Bottom Prices with No Limits!”, a company you never heard of sends you an email, or a deal that seems “too good to be true” that has an aggressive expiration date.
  6. Don’t surf and shop on public Wi-Fi, but if you must, use a VPN! Some alternatives are using a mobile hotspot or your phone or taking advantage of ProtonVPN. You can also try other VPNs, like Disconnect and NordVPN, for a small fee.
  7. Never recycle passwords! Also, use strong passwords across all shopping platforms and bank accounts. For a strong password, create a phrase or assemble four random words with an emotion and a number (e.g., BookFireCozyTime2019!).
  8. When inputting personal or payment information into a website, ensure the page is using security features. For example, the website URL should begin with https:// (not just http://) and there should be a padlock symbol.
  9. Go online to your payment card account and set it up to alert you for every transaction. Consider using credit cards over debit cards, as they afford more consumer protections. Stop fraud before it gets out of hand.
  10. Keep an eye out for text and email scams, usually featuring deceptive messages like, “Your package is on the way,” or, “There’s been a problem with your order.” If you receive a text or an email with similar language, don’t fall for it! Never follow links in alert messages, texts, and emails. Instead, go directly to the website in question and log in there.

Three Quick Tips for Business Owners

  1. Train employees to spot fraudulent emails. Fraudsters are sending businesses fake domain emails to convince your employees to take the bait. These emails may appear to come from your regular vendors or retailers (e.g., USPS, UPS, FedEx, Walmart, and others), but they contain malicious links (e.g., “Click Here for to track your package”) created to promote scams, attacks, and frauds. By clicking on an infected URL, your employees may unwittingly download malware that can take control of their devices or lead them to a fake website. This time of year, businesses ask us to put their employees to the test. Without fail, even the cyber safest and savviest employees fall for these emails.
  2. Surf the internet for ads and domain names that sound like your own to monitor for fake and fraudulent ads for your business. Report anything you find to the FBI (at and the Better Business Bureau, then use your social media to warn your customers of the issue.
  3. Turn on alerts and notifications from your bank accounts, bank cards, and social media accounts, so you are alerted of suspicious activity, but never click on links in emails alerting you to suspicious activity, as those can be fakes!

Fortalice Is Here to Help

For additional information, or to learn more about Fortalice Solutions service offerings, contact the team via email at

Be healthy. Be safe. Be well. Happy Holidays!

Let's Talk
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.