- How online shopping puts you at risk
- Online shopping safety tips
- 1. Only shop on HTTPS websites
- 2. Make sure you’re visiting a legitimate online store
- 3. Be careful around URL shorteners
- 4. Avoid email links
- 5. Never shop on public Wi-Fi
- 6. Monitor your debit card and credit card statements
- 7. Consider using a virtual credit card
- 8. Keep your browser updated
- 9. Practice good password security
- 10. The less information you give, the better
How online shopping puts you at risk
Identity theft, parcel fraud, chargeback fraud, account takeovers and phishing scams are major threats for online shoppers and merchants, but because hacking theft isn’t as visible as traditional theft, scammers are a lot harder to trace and catch.
In fact, your safety largely depends on you. Not only does an online store need to prioritize customer security, and as a consumer you’re also responsible for keeping your personal information secure.
The FTC (US Federal Trade Commission) received 2.2 million fraud reports in 2020, with consumers reporting losses of $3.3 billion. That’s $1.8 billion more than in 2019.
In recent years, even huge companies like eBay, Amazon, and easyJet have leaked information for billions of customers. Shoppers face huge financial losses, so it’s essential that we all learn to take our safety into our own hands.
Online shopping safety tips
1. Only shop on HTTPS websites
Make sure the online store you’re visiting uses HTTPS. This means that your details are covered by basic TLS encryption all the way from your browser to the site you’re shopping on. HTTPS sites aren’t necessarily super-secure, but if the admin went through the trouble of implementing HTTPS to secure your data, you know they’ve taken at least one important step.
Checking this is easy – simply look at the URL bar to see if it begins with “https://” the way it does on our website.
2. Make sure you’re visiting a legitimate online store
Before entering any personal information to complete your purchase, check to make sure you’re on the right online store. There are a lot of opportunities for hackers and scammers to redirect you to the wrong website, or in other words, spoof the URL.
You might think that you are buying your new sneakers straight from Nike but you find yourself on “n1ke.com” (a hypothetical example). If so, it’s time to delete everything you just entered and back away!
3. Be careful around URL shorteners
Marketers love URL shorteners because they make long URLs full of tracking codes less unsightly. However, scammers can also use URL shorteners to hide the URL you’re being sent to.
When you see an ad with a URL shortener for a great deal, consider navigating to the brand’s website yourself simply by using your address bar. Chances are you’ll find the same deal on their site. If not, it could be that the URL shortener you saw was being used by a scammer.
There’s nothing wrong with clicking on a shortener, but if you do, make sure that the URL you wind up on looks legitimate (see URL spoofing techniques post!).
4. Avoid email links
Another technique scammers might use to get your credit card information is phishing. It’s a very popular and effective way to hack someone by using carefully crafted emails. They will usually offer you discounts or offers that are too hard to resist. They can also include a spoofed URL, which will lead you to an order page and make their fraud even more convincing.
Whenever you receive such an email – especially on Black Friday, Cyber Monday or just before Christmas – ask yourself these questions:
- What are they asking for? Most legitimate websites won’t ask you for any additional information after you have completed your purchase. If the email is asking you for your password or for any information the site should already have, that’s a dead giveaway.
- Where do these links lead? You’re better off not clicking on any email links before you check the URL they sent you. Does it use the same domain name (the “PayPal” in www.paypal.com) and top-level domain (the “.com” in www.paypal.com)? You can hover over the link or right-click on it before following it to see where it leads.
- Who is the sender? PayPal and eBay are two of the most commonly impersonated sites in phishing emails, but there are plenty of others. Anyone can set their visible name to be “Paypal.com” or “eBay,” but only an employee of these companies can use an email address ending in @paypal.com or @ebay.com that your email provider won’t flag. Make sure you closely inspect their email address before trusting them. And, if you shop online, make sure to learn about common eBay scams.
5. Never shop on public Wi-Fi
If at all possible, never shop online on public Wi-Fi networks. Public Wi-Fi is the perfect place for scammers and hackers to do their work. These networks feature poor security and can be scanned by hackers looking for weak connections. Public computers are also highly insecure, but there are ways to improve your security.
If you absolutely HAVE TO use public Wi-Fi, then it’s essential to use a VPN. The encrypted connection will make sure that your online banking or credit card credentials will be safe when you hit “Buy.”
Stay safe while shopping online. It’s easy with NordVPN.
6. Monitor your debit card and credit card statements
It might sound obvious but you should always keep track of your purchases and their prices. This can help you spot potential hacks or dishonest business practices so you can respond ASAP. Legitimate businesses might overstate their discounts or add hidden fees that you will be charged once your purchase is complete.
If you use a banking app, turn on push notifications to track the payments you make. You can even call your bank to see what other notification options they might have or just order debit card or credit card statements. Look out for fraudulent charges. When you see one, contact your bank to contest the charge and shut down the card. That will make the leaked information useless in the hacker’s hands.
7. Consider using a virtual credit card
A virtual credit card is exactly what it sounds like – a purely digital credit card that you can only use online. By linking it to a real credit card or debit card you own, you can shop online without ever revealing your actual credit card information. Best of all, a virtual card won’t revel your real CVV code. You can also set your virtual credit card to only allow purchases up to a certain amount or to expire after a certain day.
8. Keep your browser updated
Your browser is what takes you from one online shop to another. Therefore it’s important to keep it updated and upgraded with the best security and privacy extensions. It will protect your personal information from leaking.
There are many hacking methods that target vulnerabilities in outdated browser versions or unsecured online stores. After all, updates are usually released in order to address known vulnerabilities. Don’t give hackers a chance and stay updated.
9. Practice good password security
Good password security is always important, but it’s easy to forget this when you’re making new shopping accounts for different online shops. Creating unique and secure passwords for every site (and remembering them) can be a tall order if you plan on doing a lot of shopping, but there are tools that will help you – password managers.
10. The less information you give, the better
After completing a few purchases on trusted websites, you start to get an idea of what sort of data they legitimately require:
- Your billing information;
- The address where you want them to ship your product;
- Your name and contact info.
If a website asks you for additional personal information that ISN’T OPTIONAL, turn around and leave. Some websites will ask for additional information for marketing purposes, but it won’t be mandatory. No website should ask for your personal ID number or your password to another site or service to sell you something. If they ask, turn around and run – you were probably about to get scammed.
And one last piece of advice – use NordVPN’s Threat Protection to block malicious websites and ads for a safer shopping experience. Additionally, Threat Protection comes with a handy URL trimming feature that grants you more digital privacy as you shop. It removes tracking parameters that websites add to URL links to track your activity – so you can keep your online habits to yourself.
And remember – always stay vigilant. If something sounds too good to be true, it’s probably a scam.