Four tips for safe online shopping

Holiday shopping season is around the corner! With great discounts and offers, also comes the risk of online fraud and scams.

Here are four simple yet effective tips to have a safe online shopping experience:

  1. Before making any online payments, ensure a secure connection by verifying that the website’s URL begins with “https://” and has a padlock symbol in the address bar.
  2. Don’t click on links in unsolicited emails or pop-up ads; instead, directly access the retailer’s website by typing the URL into your browser.
  3. Enhance transaction security by using a secure personal network instead of public Wi-Fi, as public networks are less secure.
  4. Use a password manager to store the passwords for all your accounts, because passwords are the first line of defence against online threats.

Download the tipsheet in PDF format.

Visit the Security Matters website regularly to learn more about online safety tips and resources.

Strengthening security awareness: Inviting appointed staff to lead the way

In June 2023, the University launched the Security Awareness Training (SAT) Foundations project as part of the broader Security Awareness and Training Program (SATP).

Co-led by Raphaelle Gauriau, Manager, Information Security Strategic Execution, ITS and John Stewart, Information Security Program Manager, I&ITS, U of T Scarborough, the project aims to provide U of T staff, librarians and faculty with baseline training to help improve their knowledge about essential information security topics and threats.

“In an ever-evolving digital landscape, equipping ourselves with the right tools and knowledge is important to keeping our people, data and systems secure and safe. We are hoping the U of T community will join us in this journey to collectively strengthen our digital resilience,” said Raphaelle.

Following the successful launch of phase one, the team is now inviting all tri-campus units to participate in phase two of the project. During this phase, appointed staff from participating units may be onboarded to the project.

Phase two will run from September 2023 to March 2024.

By engaging in phase two, units will have access to comprehensive training modules, thoughtfully designed to be both engaging and informative. These modules cover a wide range of topics, from identifying phishing attempts to safeguarding sensitive data.

The first 20 units to join the program and the first 50 participants to complete the training will have an opportunity to win exciting prizes.

“We are excited to extend the SAT Foundations project to all tri-campus units. Information security is a collective responsibility and by empowering individuals with baseline training, we can collectively build a more secure digital future,” expressed John.

How can units join the project?

Interested units can reach out to Ben Akhirevbulu, Project Manager.

For more information, visit the SAT Foundations web page.

Four online safety tips for students going back to school

A new school year is just around the corner! While this is an exciting time for students, it’s also prime time for malicious actors to take advantage of unsuspecting students.

Review these simple and effective tips to help you stay safe online and protect yourself, your data and the University.

Infographic explaining four ways to stay safe online this school season


View the image in a higher resolution.

Resources to protect yourself online:

  1. Protect your online accounts.
    Safe password practices.
  2. Enrol in UTORMFA.
    UTORMFA is the University of Toronto’s multi-factor authentication solution.
  3. Protect yourself against fraud.
    Tips for identifying and reporting a phishing attempt.
  4. Protect your devices.
    Protect yourself against malware.

Visit the Security Matters website regularly to learn more about online safety tips and resources.

Secure U of T: New security features to safeguard Office 365 accounts

The University of Toronto recently implemented a series of essential protections to secure data and collaboration tools in Office 365 (O365) as part of advanced threat protection, a Secure U (of T) initiative. Efforts followed an accelerated timeline, as heightened security risks due to the current geo-political situation have amplified the need to enhance our security protections.

“These new security features protect O365 users against security threats such as impersonation attempts, malicious attachments and links in emails, documents and more. They also improve our ability to detect and prevent security threats.” said Kalyani Khati, Associate Director, Information Security Strategic Initiatives.

This initiative is a collaboration between Information Security and Enterprise Applications and Solutions Integration.

Visit for more information about the initiative.

‘Tis the season to shop safe online

The holiday season is a lucrative time for online retailers and a vulnerable time for online shoppers. As many people take advantage of holiday deals and shop online, hackers take advantage of this time of the year to steal sensitive and confidential information.

With the increased number of phishing attacks in recent weeks, it’s important to stay aware and practice good cyber security during the holiday season. Here are five simple steps to protect your information and shop online safely:

Look out for suspicious emails

With the high volume of holiday messages, newsletters, sales and other emails landing in your inbox, ensure that you only open emails from known and trusted senders. Don’t click on unknown links, download attachments or reply to unsolicited emails from unfamiliar senders.

Secure your login

If an online retailer requires that you create an account for purchases, create a strong password and use multi-factor authentication (MFA) when possible. Ensure that your password is unique from other passwords. The more unique passwords you have, the more difficult it will be for your accounts to be hacked. MFA will enhance security on your online accounts by enabling stronger authentication tools like a one-time code sent to your phone.

Think before you click

Be wary of clicking links from unfamiliar websites, particularly the ones that give away discounts that seem too good to be true. If you receive an enticing offer through email or text, do not engage. Visit the company’s official website or app to verify the legitimacy of the offer. Beware of smishing (SMS phishing) messages offering deals and discounts, even from brands you think you’re subscribed to as they could be fraudulent. If you receive an SMS from an unknown phone number, do not engage.

Don’t save your payment information online

When making an online purchase, pay attention to the information being requested to complete your purchase. Remember that you only need to fill out required fields while checking out. Online retailers are one of the biggest targets for hackers, and saving your credit card details on a retailer’s website could compromise your information in the event of a data breach.

Monitor your online activity

Check your online accounts and banking statements regularly for any suspicious activity. You can also set up alerts for your debit or credit cards to monitor suspicious activity.

Check out more tips you can follow to shop online securely this holiday season.  

For more information on cyber security, please visit 

Safe shopping!