Here are some of the most important online shopping security tips for shopping online.
Before you start shopping, updates your devices
Old software on computers, tablets, and smartphones makes them vulnerable. While you may want to get an iPhone update before 10 minutes, it will make you more secure.
Hackers frequently exploit flaws in device operating systems. Patches for known vulnerabilities are installed during updates, lowering your risk.
Before you use your device for online holiday shopping, make sure to install all updates.
Do not visit websites within email links. Type it in the browser instead
Yes, typing in “amazon.com” rather than simply clicking a link in an email is inconvenient.
However, phishing scams are at an all-time high during this time of year. If you click on an email link to a malicious site, malware may be downloaded automatically.
It is best to avoid clicking links and instead go directly to the website by typing it in your browser.
Save sites as shopping bookmarks in your browser to make things easier.
This is more secure than clicking a link in a text message or email.
When possible, use a wallet app for checkout
Giving your debit or credit card to a website is always a risk.
The danger increases if you do your holiday shopping on a site from which you have never purchased before.
Whenever possible, use a wallet app or PayPal to make your purchase.
This eliminates the need to provide your payment card information to the merchant directly.
You instead send them to the wallet app service (Apple Pay, Google Pay, PayPal, etc.).
However, the retailer does not have them.
After you checkout, delete any saved payment cards
Many websites (including Amazon) automatically save your payment card information.
This is a disaster!
Yes, it makes the next purchase more convenient, but it also puts you at risk.
A hacker who has access to your device or account may make purchases.
There is also the possibility of a retailer data breach.
We know of customers who were hit by the Optus Hack and have had their cards saved in the system, even though they closed their accounts two years prior.
These are common and can expose sensitive payment information from customers.
The fewer databases that store your payment information, the better for your security.
Remove your payment card from the site immediately after checking out.
This is usually done by going to your account settings and removing any saved cards in there.
Check that the site is using HTTPS protocol
HTTPS has largely replaced HTTP as the industry standard for websites.
This is in place of “HTTP” without the “S” at the end.
HTTPS indicates that a website encrypts data transmitted through it. Name, address, and payment information, for example.
NEVER shop on a website that does not have HTTPS in the address bar.
A small lock icon in front of the website address is an additional indicator.
Check the Site URL, twice
We all make mistakes now and then.
Especially when typing on a smartphone’s small screen.
A single typo can lead you to a clone site (such as Amazonn(dot)com).
Hackers purchase domains that are similar to those used by well-known retailers.
Then they set up copycat sites to deceive users who type the URL incorrectly.
Take a few extra seconds to double-check that you’re on the right website.
Avoid using free public Wi-Fi when online shopping
When you connect your device to public Wi-Fi, you should expect a stranger to follow you around.
Hackers love the holiday season and will congregate in popular public Wi-Fi hotspots.
They monitor the activities of other devices that are linked to the same free hotspot.
This allows them to see everything you type. Passwords and credit card information, for example.
When using a public Wi-Fi network, never shop online. Instead, turn off Wi-Fi and connect to your mobile hotspot.
Be on the lookout for brand impersonation in emails and texts
During the 2021 holiday shopping season, phishing scammers were very active.
The number of typo-squatting domains associated with phishing attacks increased by 397%.
While phishing should be avoided at all times, it is especially dangerous during the holiday season. Attackers are aware that consumers are expecting retailer holiday sales emails.
This time of year, they also receive a flood of order confirmations and shipping notifications.
These emails are used as templates by hackers.
They impersonate companies such as Target, UPS, and Amazon, among others.
Their emails are nearly identical to the originals. They trick you into clicking and/or logging in to a malicious website.
Keep an eye out for brand impersonation emails and texts.
This is yet another reason why it is always preferable to go directly to a website rather than via an email link.
Enable banking alerts and monitor your accounts
Look for any unusual charges that could indicate a breach.
Setting up banking alerts through your online banking app is one way to automate a monitoring process.
Many banks, for example, allow you to set up alerts for events, such as: When a purchase exceeds a certain dollar amount and when a purchase is made from a location outside of the country and etc.
How safe is your device?
Holiday shopping scams frequently use mobile malware. How safe is your device from malware and malicious apps? Contact us today to schedule a security audit.
