With technology at our finger-tips, online shopping has revolutionised the way we live and interact.
No more traipsing up and down the high-street looking for Christmas gifts, we can now shop on-the-go or from the comfort of our homes. While millions of online shoppers surf the internet looking for gifts and the latest deals during the festive period, few are aware of the dark side of online shopping, falling prey to cybercriminals and fraudsters. Christmas is the perfect time for these hackers to scam you out of your hard-earned cash, luring you with fantastic deals while stealing your data. Here are some things you need to look out for so you can shop safely and stay secure online this Christmas.
Watch out for fake websites
Dressed up to look like the real deal, fake websites replicate the look and feel of legitimate online retailers drawing you in with amazing offers. But don’t be fooled, these deals are usually too good to be true. Cloned websites look convincing, but there are a few differences to look out for. Scan the website for spelling mistakes, check to see if the website looks different in any way and browse the company information like the contact, about us and returns policies. If all or none of this information is unavailable, the website is probably fake. One way of checking the authenticity of websites would be to type the name into the Google search bar and see if it comes up. It’s best practice to stick to sites you know and trust and when shopping on your phone on the go, shop directly using the retailer’s app without going to the website.
Top Tip: Scamfoo have a great service that helps you identify scam websites and fake online businesses
Don’t fall prey to phishing emails
One of the most common ways of getting scammed, phishing takes many forms such as unsolicited email, instant messages or texts message. Scammers go to great lengths to replicate online retail websites, creating a false sense of trust and tricking you into opening the email or message. They then create a sense of urgency where you’re duped into clicking a malicious link that encourages you to urgently divulge sensitive information such as credit card information and passwords.
For example, you may receive an email from an e-commerce shop that looks genuine, asking you to resubmit account information urgently or your account will be closed. This pressure is crucial to how phishing works and tend to put you off your guard. Don’t open any attachments or click on any links as this can infect your computer with malware, i.e. software designed to intentionally cause damage to your computer – such as a virus. Instead visit the website via Google, double check your information and delete the email. This is especially crucial if you receive an email from what looks like your bank.
Top Tip: If you are ever in the unfortunate position of being scammed or defrauded online, you can visit the Action Fraud and Cyber Crime website to report it and get advice
Top Tip: To check if your email has been hacked, head over to Have I Been Pwned
Stay secure and look for the locked padlock
Never use your credit card to buy anything online unless the website has the icon of a locked padlock in the address bar and the URL of the site starts with HTTPS. This means the connection is safe and secure. This is pretty standard these days to the point that Google will flag a page that doesn’t have this security as “not secure”. To be extra safe, ensure the payment pages also have the padlock symbol and always log out when you’ve finished shopping online.
If you’re shopping on the go, use a VPN
If you’re shopping online from public places such as coffee shops, you may be think you’re safe using the public WiFi of well-known coffee brands. But how do you know it really is owned by Starbucks or Costa. You don’t, which is why you could be opening yourself up to having your personal data stolen. Take, for example, the simple act of buying a gift while relaxing in a café, bar or restaurant.
In one transaction you would enter your name, address, credit card details and more. Now imagine if that connection was being watched by a cybercriminal out to steal your data? Worrying right! Using a VPN (Virtual Private Network) ensures no one can intercept your information, not even the operators of the WiFi network. If you don’t want to get a VPN, avoid shopping online using public WiFi hotspots.
Use secure payment methods
Avoid bank transfers to pay sellers at all costs and where possible always try to use your credit card as payment. You’ve got more chance of getting your money bank if things go wrong. Insured payment methods such as Paypal also offer you security and peace of mind.
Use strong passwords
I think it is pretty safe to say we are all a bit overwhelmed by the number of passwords we have to remember. As a result most people use the same password across all websites they use, giving fraudsters ample opportunity to go shopping on their behalf! At this time of year, when you probably have to create numerous passwords for the e-commerce sites you visit, it makes sense to get into the habit of creating strong passwords. However, if the mere thought of coming up with different passwords gives you a migraine, follow these simple rules for unbreakable passwords:
- Avoid obvious sequential numbers and characters – I’m talking about 123456 or the word password! Yes, these are common passwords used!
- Don’t include your personal information such as your name, your pets name, birthday etc.
- Ensure you use nothing shorter than 15 characters with a mix of characters, symbols and numbers to keep those pesky hackers at bay
- Avoid memorable keyboard patterns, for example, QWERTY or frequently used substitutions such as BELLBOY or BELL80Y
There are many methods for choosing passwords, but we think random, bizarre and unique is the way to go. These days two-factor authentication is an excellent way of getting that extra layer of protection. Here, you’re required to provide something in addition to your passwords, such as a code sent to your phone or a request for biometrics such as a fingerprint.
Top Tip: Another smart move is using a password manager such as Dashlane to free up your grey cells.
Go undercover
If you hate the thought that your personal information is out there in cyberspace for all to potentially see, you could go incognito. Check out the very cool and impressive Abine Blur. It’s a password manager that allows you to shop securely without revealing anything about yourself – no credit card details, emails or phone numbers. It’s a simple button, installed in your browser that allows you to manage your security. Even the free version gives password management, tracker blocking and email address masking.
Protect and update your computer
So you’ve finally taken the plunge. You’re a whizz at spotting fake websites and phishing emails, you’ve got an unbreakable password, and you smugly sip your spiced cappuccino whilst shopping online under a VPN in your favourite café hangout. But have you protected your computer? There will always be new ways for cybercriminals to access your computer, so it’s imperative to protect it against malware and ensure that you update your computer anti-virus software regularly and without fail.
In the meantime, happy Christmas shopping!