The 12 Cybersecurity Don'ts of Christmas


Keeping your personal information safe and secure is of the utmost importance this holiday season and beyond

With scammers running rampant this holiday season, it’s more important than ever for consumers to stay vigilant and safe in the final weeks leading up to Christmas – and into the new year. 

In an effort to bring some levity to the serious situation of cybersecurity, while also providing consumers with tangible advice on staying safe, Karin Garrido, vice president and general manager at AT&T, Pacific States, shared “The 12 Cybersecurity Don’ts of Christmas” with ConsumerAffairs. 

While the security tips may seem funny and lighthearted – and they are – their sentiments ring true. With online shopping, shipping gifts, and the general frenzy of the holidays, it’s easy to get lax with online security measures. 

With Garrido’s advice, the goal is to keep your private information private for the holiday season and beyond. 

The 12 Cybersecurity Don’ts of Christmas

Here is Garidoo’s official “12 Cybersecurity Don’ts of Christmas:” 

1. Re-gifting passwords: Just like last year's fruitcake, re-gifting passwords across multiple accounts is a no-go. Santa uses a password manager.

- If you use the same password on several accounts, then all those accounts are vulnerable if your password is exposed on just one of them. It’s hard to keep track of so many passwords, so a reputable “password manager” is a good option. 

2. Clicking on mischievous links: Not all links are wrapped with good intentions. Think twice before clicking on them, and three times before entering information.

3. Ignoring software update elves: These diligent elves deliver security patches that shield devices from new threats. Don't ignore their hard work!

4. Typing Santa’s credit card number on an open network: Public Wi-Fi networks can be as open as a chimney on Christmas Eve. Don’t expose sensitive intel to cyber-Scrooges.

- As a precaution against electronic snooping, you should avoid typing in sensitive information like credit card numbers when you’re using public Wi-Fi. 

5. Keeping a cluttered digital house: You might get unwanted company, so it’s wise to delete old downloads and emails that are full of personal information.

- If someone succeeds in breaking into your email or computer, what will they find? If you don’t need old emails with your Social Security number and other personal information, it’s best to delete them.

6. Downloading a Trojan reindeer: Untrusted software downloads can be like a Trojan reindeer, carrying unwanted malware gifts.

- This is a longtime safety tip. Don’t download software from non-trusted sites or unexpected pop-ups.

7. Forgetting to back up data: Regular data backups are like keeping an extra set of presents in the attic, just in case. 

-If you have documents or photos that you wouldn’t want to lose, copy them in more than one secure place on a regular basis. 

8. Oversharing on social media: Oversharing personal information is like leaving your doors and windows wide open during the holidays. Facts about you can be used by fraudsters in many ways. Your pet’s name or mother’s family name may be a backup for a forgotten password. 

9. Bypassing multi-factor authentication: This adds an extra layer of security for your accounts, just like double wrapping those precious gifts. If a criminal gets your password, an extra line of defense can help keep them out of an account. 

10. Leaving devices unattended: Devices left alone in public places are as tempting as unattended milk and cookies. Use a screen lock, too.

11. Using Santa123 as the North Pole password: Weak and predictable passwords are like a flimsy lock on a treasure chest of gifts.To make a password long and strong, consider a passphrase with several words inside it. Longer is recommended to help defeat automated password guessing. 

12. Having a bit of eggnog and forgetting to log off a public device: This is like leaving your sleigh full of gifts unattended in the town square. Occasionally we all may need to log into a hotel or public library computer. Uncheck “remember me” and don’t forget to log out. 

Scams don’t end with the holidays

Though the holiday season will wrap up in a few weeks, that doesn’t mean scammers’ work is done. Consumers need to keep cybersecurity at the top of their minds into the new year, as advancements in technology are likely to make it easier than ever to be on the receiving end of a scam. 

“The rise of AI and Deepfakes will result in more sophisticated communications fraud and imposter attacks,” Clayton LiaBraaten, senior executive advisor at Truecaller, told ConsumerAffairs. “In 2024, large language model (LLM) technology will enable highly granular data scraping and mining to enable extremely targeted, contextually relevant scam and fraud campaigns at scale."

Yes, 2024 is an election year. Consumers will likely be inundated by political voice and text SPAM. Not all of it will be legitimate.

Take an Identity Theft Quiz. Get matched with an Authorized Partner.