Most Americans shop online for at least some of their holiday needs. Of course, all e-commerce involves some element of cyber-danger. So, here are 11 tips to help you stay safe when you shop online this holiday season.
1. Avoid known scams – Make sure to read Beware These 14 Dangerous Holiday Shopping Scams. Crooks are experts at what they do, so make sure that you know how to protect yourself.
2. Never use debit cards online – If your debit card is stolen all the money in your bank account could get wiped out. It is much better to dispute fraudulent charges and not have to lay out money while the fraud is being investigated, than to be out money and have to get the balance in your bank account restored.
3. Use alerts – If your credit card provider offers the ability to set up text or email alerts you should seriously consider taking advantage of those services. Theoretically, it is ideal to have the issuer send you an alert every time a charge is made on your account; from a practical standpoint, however, if doing so would overwhelm you and cause you to ignore all of the messages, consider asking to be notified when purchases are made over a certain dollar amount or appear to the issuer to be potentially fraudulent. Also, be sure to check your monthly statement for any transactions that you do not recognize.
4. Use one-time, “virtual” credit card numbers when appropriate. – Some financial institutions allow you to use an app (or website) to create disposable, one-time “virtual credit card numbers” that allow you to make a charge to a real credit card account (associated with the virtual number) without having to give the respective merchant your real credit card number. Some virtual credit card systems also allow users to specify maximum allowable charge sizes much lower than they would be on the real corresponding card. While creating one-time numbers takes time, and may be overkill when dealing with a reputable vendor with whom you have dealt in the past and in whose information-security practices you have confidence, virtual credit card numbers are a powerful way to defend against potential fraud when dealing with less familiar parties. Besides minimizing risk in case a vendor turns out to be corrupt, virtual credit card numbers offer other benefits; if a merchant is hacked and criminals obtain a virtual credit card number that was previously used, not only can they not make charges with it, their attempts to do so may even help law enforcement track them down, as well as help forensics teams identify the source of the data leak. Also, please note that while virtual numbers are intended for use online, I have used them for in person transactions as well by printing them out from bank websites–some, but not all, stores accept such payments.
5. Avoid clicking links – Enter the web address (i.e., URLs) of online stores at which you want to shop; do not click links in emails or text messages. I know this is advice that you have heard many times before, but, considering how many breaches begin with someone clicking a link I feel that I should mention it again anyway.
6. Check for encryption, but do not fully trust it – Before entering credit card or other personal information into a web page make sure the site in question is using encryption. Most modern web browsers display “HTTPS” and/or include a lock icon or the like to indicate that encryption is enabled. Also, be aware that many fraudulent merchants use encryption, as do various impersonation websites, so do not believe the oft repeated advice (which is nonsense) that if you see a lock or HTTPS on a site, it is definitely safe to use.
7. Do not provide unnecessary sensitive information – Do not provide your Social Security Number to any stores or sellers. They do not need it. If you are applying for credit be careful – see the aforementioned article about holiday season scams for more information.
8. Use security software – Make sure that there is security software on any device that you use for online shopping – and make sure that the software is up to date. By device I mean not only laptops, but smartphones and tablets as well.
9. Do not shop over public Wi-Fi. If you must shop when you are not using a trusted network, do it over the cellular system. Public WiFi simply poses too many risks. (To learn more about how to use Public Wi-Fi safely, please see How to Safely Use Public Wi-Fi.
10. Do not shop on borrowed devices or public computers. Some websites do not properly instruct web browsers not to cache personal information including credit card data. You don’t want your information to show up when someone else is making a purchase.
11. If something seems suspicious or too good to be true, don’t ignore your instincts.
Happy Holidays and Stay Safe!