Shopping Safely Online

As the holiday season approaches, ensure you’re not giving the gift of your personal or financial information to online criminals. Online and mobile shopping can expose you to risks like identity theft, scams, frauds, and malware infections. To make your holiday shopping experiences more secure, read on for our best safety tips.

Create and maintain safe online shopping accounts

  • Establish a strong password for each account. Always use 10+ characters and include a mix of uppercase letters, lowercase letters, numbers, and special characters.
  • Use different passwords for each of your online accounts. If one retailer experiences a data breach that leaks your username or password, criminals can then access any other account that uses the same credentials. If you have trouble remembering all your unique passwords, consider either following a pattern for each password or signing up for a password manager.
  • Check out as a guest to avoid saving payment information online. The minimal inconvenience of re-entering your credit card information for every purchase will keep you safer in the event of a data breach, since none of your information will be available to expose. You will also prevent the theft of your information by anyone who gains unauthorized access to your account.
  • Use one credit card online or pay through a secure online mechanism. By using only one credit card online you can limit the damage if malicious individuals gain that information. Alternatively, use a secure online payment service such as PayPal.

Shop with trusted online retailers while browsing safely

  • Use well-known online retailers that have an established reputation for strong cybersecurity. Verify that they have good contact information listed on their site and check with the Better Business Bureau or the Federal Trade Commission if you have questions or concerns.
  • Make sure you see a lock symbol at the top of your browser or “https” in your URL bar before entering your financial information. That way, your communications with the website are encrypted and safe from prying eyes.
  • Never shop or log into personal accounts when on public Wi-Fi or a public device. Public Wi-Fi can expose all transmitted personal information to criminals. Public, shared devices such as kiosks or library computers can be infected with malware that will steal your information.
  • Do not leave your browser open on a shopping site for long periods of time. Website advertising feeds can be hijacked by cyber criminals, who then install malware on your device. This malware can steal your personal information or encrypt your device and demand a ransom to return it to your control.
  • Keep your devices up-to-date. Always install updates to your devices and software when they are available to fix known problems and vulnerabilities.

Be smart when it comes to email confirmations and tracking information

  • Be careful which links you click in your emails. At this time of a year, a favorite trick among cyber criminals is to send emails designed to look like they’re from major shipping companies with links to track your packages. When you click on the links, you download malware. These scams succeed because at this time of year, consumers order many items online and are eagerly awaiting their delivery. A safer way to track your package is to cut and paste your tracking number into the shipping company’s website directly.
  • Do not use your work email address for retail accounts. Use one of the free webmail accounts such as Gmail or Hotmail instead. That way, it will be much easier to identify a potentially malicious email sent to your work account, since online retailers should not know that email address. This will also help you protect your employment details, which can be used to hack into your work account.