There’s every reason in the world to shop online. The bargains are there. The selection is mind-boggling. The shopping is secure. Shipping is fast. Even returns are easy, with the right e-tailers. Shopping has never been easier or more convenient for consumers. And in the age of COVID, it’s safer than going out even if you’re fully masked and gloved.
But what about the bad guys? It happens. The FBI’s own Internet Crime Complaint Center (IC3)(Opens in a new window) says the number one cybercrime of 2019 in half the 50 states was related to online shopping: non-payment for or non-deliver of goods purchased.
Stay calm. While somewhat alarming, these stats should not keep you from shopping online. You simply need to use some common sense and follow practical advice. Here are basic guidelines; use them and you can shop with confidence.
Use Familiar Websites
Start at a trusted site. Search results can be rigged to lead you astray, especially when you drift past the first few pages of links. If you know the site, chances are it’s less likely to be a rip-off. We all know Amazon.com carries everything under the sun; likewise, just about every major retail outlet has an online store, from Target to Best Buy to Home Depot. Beware of misspellings or sites using a different top-level domain (.net instead of .com, for example)—those are the oldest tricks in the book. Yes, sales on these sites might look enticing, but that’s how they trick you into giving up your info. (Photo by Quinn Rooney/Getty Images)
Look for the Lock
Never buy anything online using your credit card from a site that doesn’t have SSL (secure sockets layer) encryption installed—at the very least. You’ll know if the site has SSL because the URL for the site will start with HTTPS—instead of just HTTP. An icon of a locked padlock will appear, typically to the left of the URL in the address bar or the status bar down below; it depends on your browser. HTTPS is standard now even on non-shopping sites, enough that Google Chrome flags any page without the extra S as “not secure.” So a site without it should stand out even more.
Create Strong Passwords
We once asked PCMag readers if they frequently changed their passwords. Eleven percent claimed they did it every day, but those people are either paranoid, liars, or paranoid liars. The vast majority only change a password to protect privacy a few times a year (27 percent) or more likely, never (35 percent).
If you’re going to be like the latter group, we will again beat this dead horse about making sure that you utilize uncrackable passwords. It’s never more important than when banking and shopping online. Our old tips for creating a unique password can come in handy during a time of year when shopping around probably means creating new accounts on e-commerce sites.
Even your perfect password isn’t perfect. The smarter move: use a password manager to create uncrackable passwords for you. It will keep track of them and enter them, so you don’t have to think about it.
Check Statements Regularly
Don’t wait for your bill to come at the end of the month. Go online regularly, especially during the holiday season, to view electronic statements for your credit card, debit card, and checking accounts. Look for any fraudulent charges, even originating from payment sites like PayPal and Venmo. (After all, there’s more than one way to get to your money.)
You should definitely only buy online with a credit card. If your debit card is compromised, scammers have direct access to your bank funds. Any seller that wants a different kind of payment, like wired money, is a big red flag. The Fair Credit Billing Act(Opens in a new window) ensures that if you get scammed, you are only responsible for up to $50 of credit card charges you didn’t authorize. There are protections even if you’re not happy with a purchase you did make.
If you see something wrong, pick up the phone to address the matter quickly. In the case of credit cards, pay the bill only when you know all your charges are accurate. You have 30 days to notify the bank or card issuer of problems, however; after that, you might be liable for the charges anyway.
Inoculate Your Computer
Swindlers don’t sit around waiting for you to give them data; sometimes they give you a little something extra to help things along. You need to protect against malware with regular updates to your antivirus program. Better yet, pay for a full-blown security suite, which will have antivirus software, but also will fight spam, spear-phishing emails, and phishing attacks from websites (the latter two try and steal your personal info by mimicking a message or site that looks legit). Remember, it’s not enough to have it installed. Make sure your anti-malware tools are always up to date. Otherwise, they can let in any new threats—and there are always new threats.
Privatize Your Wi-Fi
There’s no real need to be any more nervous about shopping on a mobile device than online. Simply use apps provided directly by the retailers, like Amazon and Target, even McDonalds or Chipotle. Use the apps to find what you want and then make the purchase directly, without going to the store or the website.
Skip the Card, Use the Phone
Paying for items using your smartphone is pretty standard these days in brick-and-mortar stores, and is actually even more secure than using your credit card. Using a mobile payment app like Apple Pay generates a one-time-use authentication code for the purchase that no one else could ever steal and use. Plus, you’re avoiding card skimmers—hell, you don’t even need to take your credit card with you if you only go places that accept phone-based payments. How does that matter if you’re online shopping? Many a phone app will now accept payment using Apple Pay and Google Pay. You just need your fingerprint, face, or passcode to make it happen instantly.
Count the Cards
When it comes to gift cards, stick to the source when you buy one; scammers like to auction off gift cards on sites like eBay with little or no funds on them. There are many gift card “exchanges” out there that are a great idea—letting you trade away cards you don’t want for the cards that you do—but you can’t trust everyone else using such a service. You might get a card and find it’s already been used. Make sure the site you’re using has a rock-solid guarantee policy. Better yet, simply go directly to a retail brick-and-mortar store to get the physical card.
Check the Seller
If you’re wary of a site, perform your due diligence. The Better Business Bureau has an online directory(Opens in a new window) and a scam tracker(Opens in a new window). Yelp and Google are full of retailer reviews. Put companies through the wringer before you plunk down your credit card number. There’s a reason that non-delivery/non-payment is the most common cybercrime complaint: it hurts when that happens, financially and emotionally.
That said—online reviews can be gamed. If you see nothing but positive feedback and can’t tell if the writers are legitimate customers, follow your instincts.
If nothing else, make absolutely sure you’ve got a concrete address and a working phone number for the seller. If things go bad, you have a place to take your complaint. In fact, call them before you order so you can clarify a return policy and where to go with any issues after the purchase.
Like What You’re Reading?
Sign up for Tips & Tricks newsletter for expert advice to get the most out of your technology.