Black Friday and Cyber Monday are the biggest online shopping days of the year, but they've also become big days for hackers.

Follow these tips to stay safe when you head to the (virtual) mall:

Always know who you’re buying from

Stick to the old adage, “If it’s seems too good to be true, it probably is.” To find the deals, stick to known retailers, and known sites and apps to minimize your potential for exposure to hackers.

Some legitimate online retail sites include,, and

Be selective with apps

Download and use legitimate apps from retailers, including approved sources such as the Apple iTunes App store and Google Play online store. If you jailbreak your iPhone or iPad, you’re at much greater risk of downloading a rogue shopping app.

Keep your OS, apps fresh

Online shoppers with outdated software are especially easy targets during the holiday shopping season.

Ensure you’re using security software, and make sure the operating system is updated with the latest fixes applied.

Guard private data, avoid unknown WiFi networks

Don’t save usernames or passwords in your email inbox or in a notepad and use lockscreens on mobile devices. Activate remote-locator and remote-wipe features in case of theft or loss.

Also, check your financial records following every transaction to quickly identify and respond to any questionable activity.

How to tell if a website is unsafe:

URL lacks an “s” Secure websites use the “https” prefix, where the “s” stands for “secure.” Without it, site is not encrypted or protected.

No “lock” icon: Secure sites will show this icon, usually to the right or left of the URL. It confirms security technologies are in use on the website.

Examine the URL: Some hackers will put up rogue websites that look almost exactly like the legit shopping sites. They’ll use names that are just slightly off: instead of, for example. To catch the bogus sites, change your browser settings so that the full URL is displayed.

Strange popups, tabs: You know you’re in trouble when start seeing things you did not ask for. Stop what you’re doing, then run a security check.

Internet agreement

If a shopper spends more than $50 on an online transaction with an Ontario-based business, they are entering into a type of consumer agreement known as an Internet agreement, and the province’s Consumer Protect Act’s rules apply. That means the consumer is guaranteed rights under the Act in relation to cancellations, returns, exchanges and refunds.

The business must provide the consumer with a written copy of the Internet agreement within 15 days of entering into the agreement.

With files from technology analyst Carmi Levy