Whether it’s to avoid the craziness of Black Friday or just for the simple convenience, more and more consumers are turning to Cyber Monday and online shopping to meet their gift giving needs. Although this may be significantly more convenient than fighting the crowds, it can also make you significantly more susceptible to identity theft and other unfortunate cyber-crimes.
Here are some tips to stay safe while taking advantage of online shopping:
- Shop from a secure computer and secure connection.
Be sure your operating system (OS), browsers, and antivirus/anti-malware suite are up to date with the most current patches. When accessing a store’s website, be sure to check whether it is HTTPS so that your transactions are encrypted.
If you’re on your mobile device, be sure you’re using a secure Wi-Fi connection. In short, don’t shop while sipping your latte at Starbucks.
- Use trusted vendors and their apps, rather than a link.
Hackers have become very adept at spoofing vendor webpages. Always shop with trusted vendors and type in the web address whenever possible instead of following a link.
If you’re on your phone, download the vendor’s app from Google Play Store or Apple’s App Store, and use the app instead of a link out to a browser window.
- Don’t fall for “too-good-to-be-true” deals.
Watch out especially for email and text messages promising fantastic savings during the holiday rush. For every legit ad, there are a plethora of fake ads laced with malware or other cyber crippling attacks. Avoid clicking on ad links. Go to the site directly.
- Plan ahead and don’t be rushed.
Last-minute shopping often leads to absent-minded clicking. Take your time to make sure you are on the correct website, especially before entering any credit card or banking information. It only takes one wrong click to activate a malicious code on a webpage.
- Details, Details, Details.
It’s important to stay organized when shopping and keep track of the details of your order. After you make your online purchase, file your receipt, order confirmation number, and postal tracking number in a safe place. This information could come in handy should you have an issue with your order.
- Review credit card and bank statements regularly during the shopping season.
Infected credit card readers, unscrupulous cashiers, Cross-Site Scripting (XSS) and Man-in-the-Middle attacks can gain access to your credit card information and sell it to the highest bidder. It’s a best practice to review your statements regularly. If you find a discrepancy, contact your bank or card issuer immediately.
If you’re using your bank app on your mobile device, be sure it is up-to-date with necessary security patches and that you only access the app on a secure connection. DON’T use public Wi-Fi – transactions submitted on unsecured Wi-Fi pretty much travel across thin air with no encryption. Which means any script kiddie can pluck your data by eavesdropping on your public Wi-Fi connection.
- Use unique passwords and logon information for every site you visit.
Tedious? Yes. Worth it? Yes, in the long run. Because if your login credentials are stolen for one site, a cyber crook will more than likely try using it on other websites. If they’re all the same, that crook now has access to your Target, Walmart, Amazon, and Twitter accounts. If you have registered a credit card or one-click shopping with any of those accounts, the cyber crook can go to town maxing out your limits. Then, they can tweet about all their cool purchases bought using your account.
Passwords should never be reused, recycled, or words found in a dictionary… even the urban dictionary. It is best to use a “passphrase” of at least 12 to 20 characters long. The longer the better. It should also contain a mix of upper- and lowercase characters, numbers, punctuation, and symbols that do not spell out a particular word. If you have trouble handling them all, use a password manager. Most password managers also have a “generate password” function to help you come up with unique ones.
- If you don’t receive your order, take action immediately.
If you’re having issues with your tracking number, or simply don’t receive the items you’ve purchased, call the store’s customer service number and provide as much information as possible. If you find that the store turned out to be fake altogether, then file a complaint with the following organizations:
- Check the privacy policy.
Although privacy policies can often be lengthy and dry, they should outline what personal information the website is collecting, why, and how they will use the information. If you can’t find the privacy policy, or don’t understand it, consider calling their customer service department or choose another vendor.
- Be on the look out for scams before you start shopping.
Check your local and national news channels, and sites like the Better Business Bureau for the latest scams that have been reported. If you educate yourself before you dive into the cyber shopping world, you won’t be caught off guard.
Remember to keep these tips in mind so that you can safely enjoy all the cyber deals this holiday season.