The holiday shopping season and online deals seem to arrive earlier each year; now is a great time to review some online shopping safety tips, and prepare your computer or device for a safe shopping experience.
- Look for a secure checkout page. This is generally indicated with a padlock in the browser’s address bar and an address that begins with: https:// (instead of http://).
- Read reviews for new or unfamiliar digital storefronts – even sites with https:// can still be a scam or skim your payment information, and other shoppers may have posted reviews or warnings online.
- Use unique passwords for each site; if a website is hacked, there is a good chance your credentials will be published and sold online. If you use the same email/password combination for multiple websites, these accounts also become vulnerable.
- When setting up accounts, consider adding two-factor authentication when it is available. This may send a code via text message or email to verify your identity.
- As you scroll through the purchase screens, look carefully at the boxes you can check/uncheck regarding your email address. You can often choose to only receive messages related to your specific order, and eliminate extra email in your inbox advising you of sales and special discounts months from now. A clean inbox is a safer inbox!
- Check your computer and browsers for updates. You should also check your browser for added extensions/plugins, check the preferred search engine and check the homepage/new tab settings. Odd settings in these areas can often be a sign that your browser was hijacked or you have virus/malware or other unfriendly installation on your computer.
- Consider a Virtual Credit Card if your provider offers this service: a virtual card acts like a digital representation of your real credit card. Your virtual card can simply be deleted if compromised, instead of ordering and waiting for a new physical credit card.
- Limit the amount of transactions or business you perform over public Wi-Fi connections.
- Don’t click on links in online advertisements or in your email without checking their validity first: hover over the links without clicking to see a preview of the destination address. Some website addresses will try to trick you. For instance, can you see the difference between www.amazon.com and say www.amaz0n.com? The second address has a zero instead of the normal spelling.
- Don’t open attachments in an email unless you are expecting an attachment from that sender. A current threat is a fake invoice sent from users in your contact list. You might be familiar with the person sending the email, but does that person normally send you invoices? It is always a good idea to contact the sender personally before opening, to ask if they intended to send you an attachment.
- Be cautious when installing shopping, coupon and holiday apps – especially on Android devices. Apps will often appear to offer great shopping deals, but may actually steal your data.
- When shopping at a new online venue, search for online reviews or ratings. Use the words “fraud” or “scam” in your search. Pay attention to grammar, spelling and design on the website – if anything appears “off”, the website may be a scam, and the deals too good to be true.
More online safety tips from The National Cyber Security Alliance