A password checker evaluates your password's strength automatically. Click here to use Microsoft’s secure password checker
Tips for Safe Online Shopping
Protect yourself from identity thieves and other online retail scams
Most of us couldn’t do without the convenience of online shopping. Whether it means getting the best price on the latest video game or purchasing the perfect pair of shoes, online shopping gives us access to products, services, and special deals that might be unavailable to us otherwise.
However, online shopping has its risks. The popularity—and profitability—of online retail has resulted in unscrupulous people looking to take advantage of unwary shoppers. Their tactics may include:
- Deception. In the virtual world, it can be hard to distinguish reputable retailers from criminals, as just about anyone can set up a fraudulent web site that appears to be a legitimate business.
- Invasion. You may inadvertently download spyware on your computer that allows access to your personal information and passwords, and sophisticated hackers can breach online business databases to harvest customer payment information.
With risks that differ from walk-in stores, online shopping requires special precautions. To protect yourself and your information, read on for steps to take before you type in your credit card information and click “Buy.”
Use a good anti-malware program
This may sound obvious, but many people ignore the advice to install anti-malware software. It is critical that online shoppers secure their PC from viruses and other attacks.
To ensure that your security program’s protection stays current, keep its virus and malware signatures up-to-date. Fortunately, most programs can automatically update these signatures, so be sure the automatic updating feature is enabled in your software. There are several good companies that do this, Norton being one of them.
Optimize your PC’s security settings
In addition to maintaining and updating your antivirus and antispyware protection, make sure your PC’s security settings are optimized. Many malicious programs are explicitly designed to take advantage of security vulnerabilities in operating systems and web browsers. Two simple ways to protect yourself:
- Keep your browser and operating system up-to-date: take the time to install those free updates and security patches when they’re released. Here too, you may want to enable your settings so that these updates are installed automatically.
- Make sure that the web site that you are visiting has a SSL (Secure Socket Layer) certificate i.e. GeoTrust, Thawte or VeriSign. There are other companies that do so. The SSL certificates offer an encrypted link between the website and the server to ensure security. Clients on Safe Shopping Network all display secure testing certificates. These sites carry a 100% score in safety.
- SSL encrypted sites are typically indicated with a padlock icon and a web site address that begins with “https:” instead of “http:”.
Share payment information only with known or reputable vendors
The single best thing you can to do protect yourself is to be careful about who you’re giving your payment details to. If you’re not entirely sure whether the retailer you’re visiting is reliable, do some research to verify its authenticity and security.
Or use a third-party payment processor instead of giving your payment information directly to the online store. Most accept payment from trusted third-party processors, such as PayPal or Google Checkout. This limits the risk of your payment details getting into the wrong hands, because it is ultimately handled by fewer online entities.
Use a credit card instead of a debit card
Credit cards can be the safer choice for online shopping. If someone manages to intercept your financial information online, they can do less damage and you have more recourse than if you’d used a debit card. This is for two reasons:
- Credit cards have spending limits, while debit cards—which are directly linked to your bank account—do not.
- You can dispute fraudulent charges made to a credit card without being out-of-pocket the amount in dispute, but money withdrawn directly from your checking account by a debit card is much more difficult to recover.
Consider using a credit card with a low credit limit specifically for your online purchases. Some banks now offer “one-time use” or “virtual” credit cards that are designed specifically for online shopping—these are good only for one transaction from a specific vendor.
Print or save a copy of your orders
It’s always a good idea to keep documentation of your online purchases. Most retailers will send you an email or refer you to a web page with a confirmation of your purchase; this page should include a purchase receipt and a confirmation number. Print or save the confirmation and keep it until you receive your product.
Use strong passwords
Often, one of the most critical security steps is the one we give the least attention to—our passwords. Passwords can be the best security defenses we have, but if they’re not created properly, a hacker can easily guess them. For any online shopping accounts you have, be sure to create good passwords.
Tips for Creating a Strong Password
- Length. Make your passwords long with eight or more characters.
- Complexity. Include letters, punctuation, symbols, and numbers. Use the entire keyboard, not just the letters and characters you use or see most often. The greater the variety of characters in your password, the better. However, password hacking software automatically checks for common letter-to-symbol conversions, such as changing "and" to "&" or "to" to "2."
- Variation. To keep strong passwords effective, change them often. Set an automatic reminder for yourself to change your passwords on your email, banking, and credit card websites about every three months.
- Variety. Don't use the same password for everything. Cybercriminals steal passwords on websites that have very little security, and then they use that same password and user name in more secure environments, such as banking websites.
There are many ways to create a long, complex password. Here are some suggestions that might help you remember it easily:
What to do
Start with a sentence or two.
Complex passwords are safer.
Remove the spaces between the words in the sentence.
Turn words into shorthand or intentionally misspell a word.
Add length with numbers. Put numbers that are meaningful to you after the sentence.
More strategies for strong passwords
Test your password with a password checker
A password checker evaluates your password's strength automatically. Click here to use Microsoft’s secure password checker. (https://www.microsoft.com/en-gb/security/pc-security/password-checker.aspx)
Avoid common password pitfalls
Cyber criminals use sophisticated tools that can rapidly decipher passwords. Avoid creating passwords that use:
- Dictionary words in any language.
- Words spelled backwards, common misspellings, and abbreviations.
- Sequences or repeated characters. Examples: 12345678, 222222, abcdefg, or adjacent letters on your keyboard (qwerty).
- Personal information. Your name, birthday, driver's license, passport number, or similar information.
Check your statements often
To ensure that no unknown or fraudulent charges have been posted to your accounts, check your statements every month. If you see a charge that looks out of the ordinary, report it to your credit card company or financial institution immediately.
Remember: If it looks too good to be true…
The old-fashioned shopper’s rule of thumb “buyer beware” still applies to online purchases. If you’re being offered a top-of-the-line item for an unbelievably rock-bottom price, it may really be too good to be true. Do additional research about the vendor before buying. At very least, check for a phone number and street or mailing address so that if there are any problems with your order, you have someone to contact.