Elad Shapira

10 Tips for Secure Online Shopping on Cyber Monday

Cyber Monday

Cyber Monday is just around the corner, but—let’s face it—shopping online is a lot riskier than it used to be.

It’s true that, as more and more brands offer competitive prices online, shoppers can get some great deals at this time of year. At the same time, however, hackers are increasingly finding new and creative ways to steal your personal data as you shop. 

As a provider of third-party security management, we at Panorays are keenly aware of the online cyber risks that you might encounter. Read on for 10 of our best tips to help you shop safely on Cyber Monday.

1. Download those updates

Ignoring those annoying “time to update” messages? Now’s the time to take care of them.

Updating your devices is probably one of the simplest and most effective ways to ensure your Cyber Monday security. Make sure your computer’s anti-virus or your endpoint security solution is up to date, and keep all your tablets and smartphones current by turning on “automatic updates.”

2. Use apps instead of websites

A retailer’s app is typically more secure than its website.

Recent data breaches, such as the Magecart campaign that targeted British Airways, involved the tampering of Javascript code that can often be found on websites. It’s much less likely, however, that hackers will create a dedicated attack for specific applications.

What this means is that apps are much less likely to be compromised. Therefore, shopping with apps is usually safer than shopping on websites.

3. Use secure connections

Although we all use public Wi-Fi all the time, don’t assume that it’s secure.

For truly effective Cyber Monday security, it’s best to avoid shopping when using public Wi-Fi or unsecured networks; for example, if the connection is open or doesn’t require a password. In fact, it’s actually safer to use your mobile phone network to access the internet, rather than a public Wi-Fi.

4. Know the retailer

Select merchants carefully and only buy from websites you know and trust.

First, make sure you’re buying from a real online address. Red flags include:

  • strange looking URLs (awesome-bestonline-shopping-guitars-ever.com)
  • horrible design
  • weird or mixed selection of brands, like an online website that sells guitars and car parts
  • broken language
  • descriptions that do not make sense

Check the “about us” or “contact us” sections to confirm that the company has a physical street address and landline phone number. Be wary of strange contact information; for example, “walmartsupport@gmail.com” instead of “support@walmart.com,” missing privacy policies, unbelievably low prices, terms and conditions or refund information. Be sure to also read customer reviews to see if others had positive experiences with the site.

5. Secure your transactions

Stay away from online stores that do not provide secure transactions.

Here’s how you know that you are shopping on a secure website:

  • Look for “HTTPS” at the beginning of the site’s URL; for example, https://www. and not http://www.
  • Look for a closed padlock icon in the address window on the payment screen/shopping cart page. It’s usually at the beginning of the URL address bar at the top.

Both of these indicate that your session is encrypted, so it cannot be be easily intercepted or read.

6. Use a safe payment method

Shop only on sites that accept secure payment methods and systems, such as credit cards and PayPal.

If you have the choice, paying with a credit card is safer than paying with a debit card. According to consumer protection laws, you could be liable for $500 or more for fraudulent activity on your debit card if it’s not reported immediately. With a credit card, your personal liability can’t exceed $50.

Beware of

  • sites and applications that only accept money orders, wire transfers or checks
  • sites that do not ask you to confirm your order before paying
  • emails requesting account or purchase information. You should never email credit card or other financial or sensitive information

7. Use strong passwords

Your passwords are probably the most common form of authentication today. Choose them wisely. 

Use at least eight characters, with numbers, special characters, a mix of upper and lower case letters and do not include your personal details or words that that are logical, associated with the online store or account and can be found in a dictionary. Never share your login information with anyone.

Don’t use the same passwords for online shopping websites that you use for logging onto your bank, home or work computer. If your credit card provider or bank allows it, allow two-factor authentication, which enables additional steps to confirm your identity before confirming a purchase.

Keep your shopping accounts secure with a password manager that will help you keep track of multiple accounts and passwords. A password manager will simplify and secure your login process and will enable you to use more complicated passwords.

8. Protect your privacy

Don't disclose personal information unless you know why it is required and how it will be used.

To shop online, you will need to provide payment and shipping information, and that’s it. You should decline to provide personal information such as your Social Security Number, your date of birth or your spouse’s name. Never share your bank account details or transfer a deposit without seeing what you’re buying first.

Review the business’ privacy policy and be sure you are comfortable with it. Understand how information about you will be stored, how it will be used, and if it will be shared, sold or rent to others. Don’t buy from a business that does not include privacy information on its website.

Keep in mind that the more information you share, the more can be potentially leaked—and the easier it will be to steal your identity.

9. Maintain records

Keep track of your online shopping.

If you are a frequent online shopper, it may be difficult to remember where you bought what. It’s important to keep receipts for online transactions and copies of every emails you send or receive from the seller. This will come in handy for warranty and return issues, and especially the product description and price. When this documentation is no longer needed, completely destroy physical copies to prevent identity theft.

Regularly review your credit card and bank statements for unauthorized charges and verify against your credit card statement, merchant account statement (such as PayPal) and bank statement. Keep in mind that one small, unauthorized charge may be the first sign of credit card theft.

10. Avoid suspicious links and emails

It’s safer to enter the URL of a store yourself than to click on a link.

Many spam and phishing emails claim to be from a retailer, and encourage you to click on a link to an authentic-looking website that steals your personal information. In fact, you can be infected just by clicking the link on your local browser and device. For example, by clicking “buy now” on a suspicious email, you can be downloading malware.

If you receive such an email, it’s best to mark the email as spam, thereby blocking the sender from sending more. You can also report the emails to the retailer’s security team.

Also beware of misspellings or sites using a different top-level domain; for example, using .net instead of .com.

Final thoughts

Online shopping safety is a growing concern for e-retailers and shoppers. The e-retailers want to protect their reputation and preserve consumer trust, while shoppers want to know their money and data are safe.

Online security, such as two-factor authentication, has improved over the years. But one concern is companies seeking to improve conversion rates. To sell more, they cut down on the steps required to purchase something, and more often than not, those extra steps tend to be security measures. But using these tips, you can take advantage of deals and protect yourself shopping online on Cyber Monday.

Wishing you a safe holiday shopping season!

Interested in learning how your company can avoid third-party breaches? Contact us for more information.

 


Posts containing: