When shopping online it’s best to stick to credit cards or payment services like Paypal. Because debit cards are linked to your bank account, you’re at much higher risk if someone is able to hack your information. Credit cards offer more protection and less liability if a card number gets stolen. This is one time when it pays to put it on plastic.
Our advisory group member and cybersecurity expert Pete Canavan agrees. For speedy refunds in case something does go wrong, he recommends sticking to payment services and credit cards.
"When a fraudulent site or transaction is found, credit card companies will typically immediately reverse the charge and conduct an investigation," he says. "If you use your debit card and there is a problem, your bank may not give you the money back until after an investigation is conducted, which could take weeks or months."
2. Shop secure sites only
Before entering any personal or financial information, make sure you verify that the site you are on is legitimate and secure. The easiest way to tell is to look for “https” at the beginning of a site’s address. If you don’t see the “s” at the end of “http,” then the site is not encrypted and your data will not be secure. All legitimate shopping sites will have the “s” for your protection.
Updating your software is one of the easiest things you can do to protect your information, but many people put it off. Software updates are often released to help improve security and fight new attacks that are being developed constantly. It may seem inconvenient to have to wait for your computer (or your smartphone) to go through updates and restart, but the protective benefits are well worth it. Next time you see an alert to update your software, do it.
The holidays are a great time for email scammers to send out viruses and malware in the guise of a gift or special offer. Don’t open emails from someone you don’t know or a site you haven’t visited. Another way the bad guys try to get you is with phony messages from your bank or other financial institution saying there is an alert or problem with your account. Always call the bank directly to verify any potential problems and never enter your account information in response to an email like this.
Watch out for product scams, too
Unfortunately, a slew of mysterious brands are popping up all over our favorite online shopping spots and social media. It can be hard to tell the fakes from the real deal. Here are some tips to help you spot a product scam:
- Read customer reviews. Look for too many super-positive reviews and repeated language or phrases.
- Scrutinize photos. See if you can find the origin of the photo. If it's a stock image, beware.
- Get help. One of our staff experts uses Fakespot to help find imposter companies.
In addition to sneaky attacks in emails, beware of links to deals that are too good to be true on social networking sites. Look out for unbelievable offers and holiday gifts and bonuses. If you’re really tempted by an offer, do some research or find out if anyone else has tried to take advantage of the deal before clicking.
6. Beef up your passwords
There’s a reason this piece of advice may sound like a broken record — it’s really important. Secure, unique passwords are your best gatekeepers when it comes to keeping your private information private. If you use the same password for multiple sites, take the time to change them up. If you want to be virtually hack-proof, use a password manager to help you generate and keep track of the types of long, complicated passwords that are not worth a hacker’s time to crack.
Use a password phrase
Password phrases are becoming the top recommendation to protect your accounts. A phrase is easier for you to remember and it's more complex, which makes it harder for a hacker to guess. Just make sure to follow all the other password best practices—and don't use a common phrase or saying that could be easily guessed.
7. Never give more info than needed
Free hotspots are like manna from heaven when you’re out and about, but hackers like them even more than you do. Because public networks aren’t secured, any information you enter on a public network is ripe for the picking. Don’t log in to banking sites or payment sites like Paypal on a public network — and make sure that you are logged out of such sites on mobile devices before connecting to a public network.
9. Be smart about shopping apps
Apps make everything more convenient, including stealing your private information. Only download shopping apps from a reliable source like the Apple App Store or Google Play. Pay attention to the permissions that the app asks for. If you see something that doesn’t make sense, like access to your contacts, make sure you don’t allow the app access to it. Checking out the comments and reviews of an app before downloading is another way to identify suspicious activity.
10. Put devices on lockdown
One of the perks of online shopping is that you can do it from anywhere and use any device. Make sure every device that you shop from has security software in place. Always use a passcode to access your tablet or smartphone, and log off your computer or lock the screen when you walk away from it. After accessing a shopping or banking site, be sure to completely log out of the site before exiting, and don’t let your computer or device remember your usernames, passwords, or credit card information.
Use a VPN
Virtual private networks (VPNs) basically put your internet connection in stealth mode. If you have to shop on your phone or over a public network, using a VPN is your best protection from hackers. See our top VPN picks and start protecting your transactions now.
A stolen identity or wiped-out bank account aren't the kinds of surprises you want. Make sure you have only nice surprises this holiday season by putting these smart online shopping tips to work.
Related pages on SafeWise