Published November 29, 2013
Online shopping has become an attractive alternative for shoppers who don’t want to brave crowded stores this holiday season. But that convenience has a tradeoff: an increased risk of getting hacked or scammed.
“The internet has a lot of scams going on all the time,” says Bob Bunge, a security expert and professor in the College of Engineering & Information Sciences at DeVry University. “What happens during the holidays is the volume picks up because more people are going online.”
With that said, he assures consumers that shopping smart online and knowing how to identify potential scams will keep them from becoming a victim this holiday season.
Look for Deals Safely
We all want to get the lowest price possible on a purchase, but don’t let that desire lead to getting scammed. Security experts recommend only shopping on sites of well-known brands and to always verify the security on a site before making a purchase.
“A lot of online merchants haven’t really looked at the security of their websites,” says Dave Chronister, founder of Parameter Security. “When you give them your credit card number you can run into a lot of issues.” He says websites with security tags show their systems have been scanned for vulnerabilities.
Buying from smaller and unknown online retailers also puts shoppers at risk for shoddy and even knock-off merchandise, says Bunge.
“People are doing global searches driven by low low prices, but they don’t know who they are doing business with,” he says.
To verify the security of a site, consumers should only shop at addresses that start with “https” instead of “http.” “That ‘s’ at the end means the user has a trusted and encrypted connection with the website,” says Ronnie Flathers, associate security consultant for security and risk management firm Neohapsis. That means that all the data between the shopper and the website is protected and the site is legitimate, he says.
Login With Caution
Cyber criminals set up websites to look like those of legitimate banks and retailers to get people to provide their username and password. Unwitting consumers sign in, compromising their sensitive data to the criminals.
Because of the risk, Bunge says to avoid clicking on links from an e-mail and instead copy and paste the URL into a web browser to ensure the website is what it purports to be.
Use the Right Plastic
Experts recommend using a credit card over a debit card when making online purchase to get more protection. After all, it’s easier (and quicker) to dispute a charge on a credit card than getting cahs back from a debit purchase.
Whenever offered, Chronister says to use services like “verified by Visa” which can typically be found on a website’s check-out page. The service lets users complete a transaction without the merchant seeing the credit card number. “Each of the credit card providers has something like that and it really lowers your risk,” says Chronister.
If a deal sounds too good to be true, it probably is. While most people know by now to ignore a pop up that claims “you’ve won an iPad…click here,” Flathers says cyber criminals have become more sophisticated and use more subtle techniques.
“It’s OK to mistrust emails and links,” says Flathers. “Services like PayPal and online banks will never ask for personal information over email, chat, or any avenue besides their main website. Your bank account information won’t be deleted and nothing bad will happen if you don’t immediately update your password, so take a second to make sure what you’re doing is actually legit.”