Your IP: Unknown · Your Status: Unprotected Protected

Blog In Depth

Online shopping security: Make the most of your Black Friday

Oct 31, 2018 · 1 min read

Online shopping security: Make the most of your Black Friday

With Black Friday and Cyber Monday around the corner, savvy online shoppers like you are getting ready to scour the internet for the best deals – but with identity theft and hacks more common than ever, failing to shop online securely can be a costly mistake.

How online shopping puts you at risk

Online shopping might feel safe, but that’s far from true. It needs two things to be safe – a retailer who cares about customer security and smart consumers who know how to keep their data secure.

Hacking and identity theft aren’t as visible as traditional theft – there are no broken windows, no footprints, and no pickpockets to chase. Hackers are rarely caught. Incidents of online theft, however, target millions upon millions of people per year. Don’t leave your shopping spree up to chance.

According to a 2017 cybersecurity report by Symantec, “Within the last year, more than 978 million adults in 20 countries globally experienced cybercrime”

“When it comes to cybersecurity, consumers are overconfident in their security prowess, leaving them vulnerable and enabling cybercriminals to up the ante this year, which has resulted in record attacks.”

“Cybercrime victims share common traits: they are everyday consumers who express confidence and use multiple devices whether at home or on the go, but they have a blind spot when it comes to the basics.”

How to shop online securely on Black Friday

Keep your eyes on the URL bar

This tip has two important aspects to it:

1. Make sure the site you’re visiting uses https. Checking this is easy – simply look at the URL bar to see if it begins with “https://” the way it does on our website.

How to see if a website uses HTTPS

HTTPS means that your details are covered by basic TLS encryption all the way from your browser to the site you’re shopping on. Perhaps more importantly, it also shows that the site you’re visiting cares at least a bit about data security. HTTPS sites aren’t necessarily super-secure, but if the admin went through the trouble of implementing HTTPS to secure your data, you know they’ve taken at least one important step.

2. Make sure you’re visiting a legitimate site. There are a lot of opportunities online for hackers and scammers to redirect you to the wrong online store. Before entering any personal data to complete your purchase, check for the HTTPS in your URL and check to make sure you’re on the right site. If you thought you were buying your new sneakers straight from Nike but you find yourself on “n1ke.com” (a hypothetical example), it’s time to delete everything you just entered and back away!


Never shop on public Wi-Fi

During the Black Friday and Cyber Monday shopping frenzies, online retailers may offer deals with limited quantities or short durations, prompting you to scramble for the nearest internet connection to complete your purchase. If at all possible, however, avoid completing your shopping on public Wi-Fi.

Public Wi-Fi is the perfect place for scammers and hackers to do their work. These networks feature poor security and can be scanned by hackers looking for weak connections. If you absolutely HAVE TO use a public Wi-Fi connection, then it’s essential to use a VPN. The encrypted connection will make sure that your online banking or credit card credentials will be safe when you hit “Buy.”

Be careful around URL shorteners

Marketers love URL shorteners because they make long URLs full of all sorts of tracking codes much shorter and less unsightly. They also allow them to track clicks. However, scammers can also use URL shorteners to hide the URL you’re being sent to.

How a URL shortener looks
Bitly is a popular URL shortener

Avoid clicking on URL shorteners. When you see an ad with a URL shortener for a great deal, consider navigating to the brand’s website yourself using your address bar. Chances are you’ll find the same deal on their site. If not, it could be that the URL shortener you saw was being used by a scammer.

There’s nothing wrong with clicking on a shortener, but if you do, make sure that the URL you wind up on looks legitimate (see the “Keep your eyes on the URL bar” tip!).

Monitor your credit card

As you hunt down Black Friday and Cyber Monday deals, don’t get lost in the rush – keep track of your purchases. This can help you spot potential hacks or dishonest business practices A.S.A.P. so you can respond and protect yourself.

One obvious thing to look out for would be purchases you didn’t make. If you use a banking app, turn on push notifications to track the payments you make. Call your bank to see what other notification options they might have. This will help you spot purchases you know you didn’t make. When you see one, contact your bank to contest the charge and shut down the card. That will make the leaked information useless in the hacker’s hands.

Make sure to keep track of the costs of your purchases. Legitimate businesses might overstate their discounts or add hidden fees that you will be charged once your purchase is complete. By tracking your purchases, you can contest any fees that you think are dishonest.

Consider using a virtual credit card

A virtual credit card is exactly what it sounds like – a purely digital card that you can only use online. By linking it to a real credit card you own, you can spend money in online stores without ever revealing your actual credit card information. Instead, you can set your virtual credit card to only allow purchases up to a certain amount or to expire the day after Cyber Monday.

Shop securely on Black Friday and Cyber Monday

Practice good password security

Good password security is always important, but it’s easy to forget when you’re making new online shopping accounts left and right on Black Friday. Creating unique, secure passwords for every site (and remembering them) can be a tall order if you plan on doing a lot of shopping, but there are tools that will help you – password managers.

For tips on password managers and other useful browser extensions to improve your privacy and security, click here.

Avoid email links

You know Black Friday is coming, but so do hackers. Phishing – scamming victims with carefully crafted emails – is still a very popular and effective way to hack someone. Given all the shopping that people do on Black Friday, they may be extra vulnerable to fake emails asking them to transfer their personal data so they can “complete their purchase” or that offer unbelievable deals on fake websites.

Whenever you receive an email – and especially on Black Friday or Cyber Monday – ask yourselves these questions:

  1. What are they asking me for? Most legitimate websites won’t ask you for any additional information after your purchase is complete, and if they do, it’ll be information you didn’t give them while making your purchase. If the email is asking you for your password or for any information the site should already have, that’s a dead giveaway.
  2. Where do these links lead? You’re better off not clicking on any email links involving purchases, but if you do, make sure you check the URL they send you to. Does it use the same domain name (the “Paypal” in www.paypal.com) and top-level domain (the “.com” in www.paypal.com)? You can right-click on a link or button before following it to see where it leads.
  3. Who is the sender? Paypal and eBay are two of the most commonly impersonated sites in phishing emails, but there are plenty of others. Anyone can set their visible name to be “Paypal.com” or “eBay,” but only an employee of these companies can use an email address ending in @paypal.com or @ebay.com. Make sure you closely inspect the address before trusting the email.

Keep your browser updated

As you gallop around the internet, grabbing Black Friday deals left and right, your browser will be the noble steed taking you from website to website. If you keep it updated and upgraded with the best security and privacy extensions, it will help make sure your information isn’t leaked.

There are many hacking methods that target vulnerabilities in outdated browser versions or unsecured websites. After all, updates are usually released in order to address known vulnerabilities. Don’t give them a chance by staying updated.

The less information you give them, the better

After completing a few purchases on trusted websites, you start to get an idea of what sort of data they legitimately require:

  • Your billing information;
  • The address where you want them to ship your product;
  • Your name and contact info.

If a website asks you for additional information that ISN’T OPTIONAL, turn around and leave. Some websites will ask for additional information for marketing purposes, but it won’t be mandatory. No website should ask for your personal ID number or your password to another site or service to sell you something. If they ask, turn around and run – you were probably about to get scammed.

Happy deal-hunting! NordVPN is offering a huge 75% off deal as Black Friday approaches, so buy it now to make this your best Black Friday yet!


Daniel Markuson
Daniel Markuson successVerified author

Daniel is a digital privacy enthusiast and an Internet security expert. As the blog editor at NordVPN, Daniel is generous with spreading news, stories, and tips through the power of a well-written word.


Subscribe to NordVPN blog