Christmas and the January sales are huge online shopping events, making them prime targets for cyber criminals. Here’s how to buy your gifts, without handing a gift to hackers.
1) Do not shop on insecure public networks
It might be tempting to get through your Christmas list, or do some sales shopping, whilst sat on the coffee shop’s free WiFi, but it is not very secure, and very easy for hackers to exploit to get information like card numbers. Anything that requires entering and sending your personal details or bank account or card details should only over be done over a private, secure, connection.
2) Check vendors have SSL certificates
SSL certificates are one way of determining whether or not an online shop is secure or not. You can see whether or not it does have an SSL by looking for a padlock on the left hand side of the address bar. This should be present at the check out stage of any transaction i.e. when you are actually entering your personal details. You also check that the domain begins https:// not just http://
3) Make sure your security software is updated
This is just good basic web hygiene anyway, but it is particularly important when you are shopping online. If hackers have managed to use your shopping spree to gain access to your computer or your personal details, or an ad you clicked on also downloaded malware, you need up-to-date anti-virus software to spot it. Tools can also let you known if you’re going onto an insecure website. Mobile devices should have security software installed and updated on them too.
4) If an offer looks too good to be true, it probably is
The web is full of wonderful offers, but be wary of ones that seem almost too good. Christmas shopping and the January sales are prime targets for online scammers, and so it is normally best to stick to well known websites and vendors that you trust. Avoid those with little selling history, and check comments from others for any frequent issues.
5) Beware of follow up phishing
One way cyber criminals exploit online shopping is hacking people to find out what they have bought, and then following up with emails, phone calls or text messages about those purchases or similar products to con victims into handing over personal details or money for things that do no exist.
6) Do not transfer money directly
Money transfers are not secure, and direct banking transactions also may not be entirely safe. Transfer money using services such as Paypal, as it is safer than make direct transfers into bank accounts. Paypal offers Buyer Protection and Seller Protection to cover victims. Use credit online too, as they offer protection.
7) Turn on two factor authentication
If a shopping website gives you the option of turning on and using two factor authentication use it. This normally means that as well as using password and login credentials you will also get a text message asking you to confirm that you are the right person. Hackers who take login credentials will not be able to gain access to your account unless they have your phone.
8) Watch for fake websites
A very common scam is fraudsters building that look like the real thing, but are not. Often these use very similar domains like, ebays.com, that can easily be missed if you are not looking carefully. Once your banking details are entered on these websites the hackers have them so check that address bar before you buy.
9) Change your passwords
Again this is a good digital hygiene tip that is very applicable to online shopping. Passwords to online shopping sites that you use often should be changed frequently to make it harder for the cyber criminals to gain access to your accounts. A password manager can help you build a set of secure passwords.
10) Have a dedicated email address
Setting up a dedicated email address for your online shopping helps separate it from your other online activities. It means that if your normal email is hacked, the cyber criminals do not have access to the email address associated with your bank details.
