As we enter into the consumer retail frenzy that is known as the Holidays, ESET has published a nice article full of tips to protect yourself from trouble shopping online.
If you don’t recognize a shopping site, be careful
Buy from websites that have established a reputation for doing what they say, providing accurate descriptions of merchandise and delivering it in good shape and on time (user reviews can be good for this). If it’s this season’s must-have, you can bet cybercriminals will know that too – and this year, they have become increasingly adept at targeting scams on the dates people expect a new product – as reported by We Live Security here. When you’re getting down to the wire with shipping deadlines, the last thing you need is a less-than-stellar online retailer delivering gifts late, or mixing up orders among your friends and relatives, which could be worse than no gifts at all.
Logging into lots of sites? Don’t use your “real” password
Earlier this year, four out of five internet users admitted to being “locked” out of websites due to lost or forgotten passwords – and shopping binges can tempt you to reuse the same one, as you log in to site after site. Don’t. If you are reusing a password – make sure it’s a “throwaway”, ie one unrelated to the important passwords you use for email, or for your bank. For good measure, why not use a throwaway email address as well, to cut down on promo emails after the holidays end.
If that price sounds insane, be wary
If it looks too good to be true, it probably is.It might be very tempting, but avoid following links that offer goods, services, or gift cards at impossibly cheap prices. They are just too risky. Even links that arrive as SMS messages – often offering 24-hour discounts, can be scams, as We Live Security reports here. Not all discount vendors are scammers, but ask yourself if the promised savings are worth the gamble (or use Google to search for the offer and/or vendor to see what others are saying).
Make sure it’s secure – and ideally, shop from a PC, not a phone
When you are in the ordering process on a website, check to make sure it is using SSL, the standard in secure transactions – often shown by browsers as a little lock symbol. If that isn’t there, check the URL. You should be able to see https or shttp in front of the web address instead of http. It’s far easier to do these checks on a PC, rather than smartphone or tablet browsers, so it’s worth sitting down, even if it is an impulse buy. Using SSL encrypts the exchange of information, such as your credit card, so eavesdroppers cannot read it. When in doubt, a quick search in Google for the word “scam” or “fraud” along with the site name should tell you if that site has a history of problems.