HomeCrime PreventionOnline Shopping Safety
Online Shopping Safety
Who doesn’t like shopping, right? The bargains are there. Huge selections, secure shopping from the comfort of your home, shipping is fast and easy.
But, then there are the bad guys! The FBI's Internet Crime Complaint Center says the number one cybercrime of 2017 was related to online shopping: non-payment for or non-deliver of goods purchased. Phishing was third, but it was at an all-time high during Q2 2018, according to the APWG's Phishing Activity Trends Report.
A recent survey asked if people had experienced a cyber attack like malware, credit card fraud, or ransomware—a full 25 percent said they had.
Stay calm. While somewhat alarming, these stats should not keep you from shopping online. You simply need to use some common sense and follow practical advice. Here are basic guidelines; use them and you can shop with confidence as you check off items on that holiday shopping list.
-
Use Familiar Websites
- Start at a trusted site. Search results can be rigged to lead you astray, especially when you drift past the first few pages of links. If you know the site, chances are it's less likely to be a rip-off.
- We all know Amazon.com carries everything under the sun; likewise, just about every major retail outlet has an online store, from Target to Best Buy to Home Depot. Beware of misspellings or sites using a different top-level domain (.net instead of .com, for example)—those are the oldest tricks in the book. Yes, sales on these sites might look enticing, but that's how they trick you into giving up your info
-
Look for the Lock
- Never ever, ever buy anything online using your credit card from a site that doesn't have SSL (secure sockets layer) encryption installed—at the very least. You'll know if the site has SSL because the URL for the site will start with HTTPS—instead of just HTTP. An icon of a locked padlock () will appear, typically to the left of the URL in the address bar or the status bar down below; it depends on your browser.
- HTTPS is pretty standard now even on non-shopping sites, enough that Google Chrome flags any page without the extra S as "not secure." So a site without it should stand out even more.
-
Don't Overshare
- No online shopping e-tailer needs your Social Security number or your birthday to do business. However, if crooks get them and your credit card number, they can do a lot of damage. The more scammers know, the easier it is to steal your identity. When possible, default to giving up as little personal data as possible. Even major sites get breached.
-
Check Statements Regularly
- Don't wait for your bill to come at the end of the month. Go online regularly during the holiday season and look at electronic statements for your credit card, debit card, and checking accounts. Look for any fraudulent charges, even originating from payment sites like PayPal and Venmo. (After all, there's more than one way to get to your money.)
- Speaking of, you should definitely only buy online with a credit card. If your debit card is compromised, scammers have direct access to your bank funds. Any seller that wants a different kind of payment, like wired money, is a big red flag. The Fair Credit Billing Act ensures that if you get scammed, you are only responsible for up to $50 of charges you didn't authorize. There are protections even if you're not happy with a purchase you did make.
- If you see something wrong, pick up the phone to address the matter quickly. In the case of credit cards, pay the bill only when you know all your charges are accurate. You have 30 days to notify the bank or card issuer of problems, however; after that, you might be liable for the charges anyway.
-
Inoculate Your Computer
- Swindlers don't sit around waiting for you to give them data; sometimes they give you a little something extra to help things along. You need to protect against malware with regular updates to your anti-virus program.
- Better yet, pay for a full-blown security suite, which will have antivirus software, but also will fight spam, spear-phishing emails, and phishing attacks from websites (the latter two try and still your personal info by mimicking a message or site that looks legit).
- Remember, it's not enough to just have it installed. Make sure your anti-malware tools are always up to date. Otherwise, they can let in any new threats—and there are always new threats.
-
Create Strong Passwords
- Most people never change their passwords until they are breached. It is important to create uncrackable passwords. Create one that is unique utilizing capitalization, numbers, letters and symbols.
- But even your perfect password isn't perfect. The smarter move: use a password manager to create virtually uncrackable passwords for you. It'll also keep track of them and enter them, so you don't have to think about it
-
Skip the Card, Use the Phone
- Paying for items using your smartphone is pretty standard these days in brick-and-mortar stores, and is actually even more secure than using your credit card. Using a mobile payment app generates a one-use authentication code for the purchase that no one else could ever steal and use. Plus, you're avoiding card skimmers—heck, you don't even need to take your credit card with you if you only go places where you can see the mobile app symbol. How does that matter if you're online shopping? Many an online stores will now accept payment using mobile apps.
-
Count the Cards
- Gift cards are the most requested holiday gift every year. Stick to the source when you buy one; scammers like to auction off gift cards on sites like eBay with little or no funds on them. Plus there are many gift card "exchanges" out there that are a great idea—letting you trade away cards you don't want for the cards that you do—but you can't trust everyone else using such a service. You might get the card—and it's already been used. Make sure the site you're using has a rock-solid and clear-as-crystal guarantee policy in place. Better yet, just go directly to a retail brick-and-mortar store to get the physical card.
-
Count the Cards
- If you're wary of a site, perform your due-diligence. The Better Business Bureau has an online directory and a scam tracker. Yelp and Google are full of retailer reviews. Put companies through the ringer before you plunk down your credit card number. There's a reason that non-delivery/non-payment is the most common cyber crime complaint these days: it hurts when that happens, financially and emotionally.
- That said—online reviews can also be gamed. If you see nothing but positive feedback and can't tell if the writers are legitimate customers, follow your instincts.
- If nothing else, make absolutely sure you've got a concrete address and a working phone number for the seller. If things go bad, you have a place to take your complaint. In fact, call them before you order so you can clarify a return policy and where to go with any issues after the purchase.
The bottom line is this…Shopping on-line can be safe and easy. Be sure to verify the companies that you are doing business with. Make sure that you have an address and phone number should you need to contact the company. Make sure that the sites are secure with HTTPS instead of http. Never give out your Social Security Number. Use a Credit Card instead of a Debit Card to shop. Check your bank statements frequently. Check your credit card bill thoroughly. More and more businesses are accepting mobile pay apps which you can securely set up on your phone. This may be a safer and easier route for you!