We get it – online shopping safety isn’t a fun topic. But it’s a crucial one to help you avoid scams, hackers, and fraud. We can’t make the topic more fun, but we can make it easier to understand and navigate.
Check out the tips below for safe online shopping, following advice and best practices from authorities in cybersecurity like the FBI and Norton. There’s a lot you can do to stay safe online, even if you’re not super tech-savvy.
15 Tips for Online Shopping Safety
Only Shop at Trustworthy Stores and Sites
Look for the lock and the “s” in https://
When shopping online, look for a little lock icon in your browser’s address bar. That indicates SSL (Secure Sockets Layer), meaning your connection to the site is secure.
Also, look for the “s” in the https:// at the very start of the URL which stands for “secure.” This means the information being transferred between you and the website is secure and encrypted, keeping your data safe from outsiders.
Be careful of typos
Clever scammers can dupe a website so it looks like the real thing. One wrong letter in the URL and you could find yourself putting your personal and financial information directly into the wrong hands. Always double-check that the site you’re shopping on is the right one.
Unfamiliar store? Vet it before you shop
You can feel secure when you shop at Amazon, Apple, and other reputable retailers that have been online for decades. But what if you want to buy something from a store you’ve never heard of before? Check them out first to make sure they’re legit. Search the company’s name online and look for things such as user reviews on sites like Google and Facebook and a rating and review on BBB (the Better Business Bureau).
A few red flags to look for:
- No contact information. Make sure the page has contact information clearly listed. Look for customer support contact options like a support email, phone number, and/or live chat option.
- Poor grammar and spelling. Professionally run businesses prioritize clear communication. If the site is loaded with grammar and spelling errors, pass it by.
- Offers too good to be true. If it sounds like an unbelievably great deal, you have every right to be suspicious.
Keep Your Private Info Private
Never share your social security number with an online retailer
Never, ever give out your Social Security number (SSN) when you shop online. Retailers have no legitimate reason for requesting your SSN or any part of it.
Don’t give out more info than necessary
Only fill in the bare amount of information required to finish the transaction. If you don’t need to add a phone number or birthday, don’t do it. Any information you give a retailer could end up in the wrong hands if the company experiences a data breach.
Check Out as a Guest
Check out as a guest when shopping at an online store you rarely visit. When you use guest checkout, you bypass making an account with the retailer and provide only the information the retailer needs to complete your order. Your personal information should also not be stored.
Don’t shop on a public Wi-Fi network
When you connect to a public Wi-Fi network or free hotspot, never do anything on your laptop or phone that you wouldn’t want a scammer or hacker to see. That includes entering a password to log in or using a credit card to pay for something online.
It’s better to do your online shopping at home on your own Wi-Fi network. But if you absolutely must shop while on a public Wi-Fi network, make sure to use a virtual private network (VPN), security software that protects your internet connection to keep your data safer.
Use a Secure Payment Method
Pay with credit, not debit
Credit cards offer consumer protections that debit cards – which draw funds directly from your bank account – don’t. Always choose a credit card over a debit card when shopping online so you’re protected in the event of a data breach, fraud, or scam.
Use a virtual credit card for extra security
A virtual credit card offers even more security because you don’t have to share your real credit card information with a retailer. Instead, you share just your virtual card’s number, and each transaction uses a new and unique CVC number for extra security. Not all credit cards offer virtual cards, but AmEx, Capital One, and Citi do.
Use a mobile wallet
Consider using a digital wallet like PayPal, Google Pay, or Apple Pay. As we mentioned, data breaches happen, so it’s best to give your credit card data to as few sites as possible. Plus, these trusted businesses may have safeguards to protect you if a retailer who uses their payment service doesn’t deliver as promised.
More Like This
Think your passwords are secure? Don’t be so certain! Here’s how to keep your passwords secure and create strong passwords that are harder for hackers to crack.
Stay Vigilant After the Purchase
Look at your statements
Get into the habit of looking at your credit card, bank, or other payment statements regularly so you can spot unusual charges quickly and report them.
Be suspicious of emails
Scammers are good at getting people to click links and download malware. One way they do this is by pretending to be a popular retailer like Amazon.
Always take a moment to make sure that the email you received is legit. Here are a few red flags to look for:
- An odd sender or reply-to email address. Look for sneaky misspellings like “Amzon.com” or long strings of numbers like http://123.456.789.123/amazon.com/.
- Typos in the email. Legitimate retailers invest a lot of time in getting their marketing just right, so typos and grammar errors are rare. Always consider them a huge red flag.
- Requests for sensitive information. Is the email asking you to validate your credit card number, provide your social security number, or give other private details? Don’t do it! Legitimate retailers never ask for this information.
- Prompts to download software. You should never have to download software to interact with a retailer. If the email asks you to download something, be extremely suspicious.
Scammers often create spoof emails that look a lot like those from big-name retailers because there’s a good chance you’re an existing customer. They’re using the retailer’s name and credibility to get you to interact. Learn more about how to tell the real emails from the fakes directly from some of the biggest retailers in the U.S.:
When in doubt, navigate to the website directly
Let’s say you received an email that’s allegedly from Amazon.com. It says that the credit card associated with your account needs to be updated. Rather than clicking the link in the email, open your web browser and type amazon.com in the search bar. Then, log in as you normally would and navigate to your account page to see if you have any notifications. No notifications means the email you received was likely a scam and you shouldn’t click on any links it contains.
Don’t fall for UPS/FedEx text scams
Scammers may also text you saying that your package has been misdelivered or they need to confirm your address. These texts often ask you to click a link or even send money. Do not click on any link unless you are 100% sure it’s from the real UPS or FedEx. Here’s how to tell the real from the fake:
If in doubt, don’t click. Instead, go directly to the carrier’s website and type in your tracking information for info on a package you’re expecting.
Check for breaches
Companies must inform you when they’ve experienced a data breach in which your personal information was compromised. Still, it can be good to regularly check to see if your email address has been compromised. Check on haveibeenpwned.com.
If you discover that a password has been compromised, immediately reset the password for any account that uses the same password.
Online Safety Best Practices
Online safety doesn’t start and stop at shopping! Follow these best practices for staying safe online:
- Do recommended updates. Keep your operating system, internet browser, software programs, and apps up to date. Updates typically include important security patches.
- Use anti-virus and anti-malware software on all your internet-connected devices.
- Opt into multi-factor authentication whenever possible, especially for important things like bank accounts, credit cards, and email accounts.
- Use unique, strong passwords. Do not repeat passwords across different accounts. If hackers get your email and password from one site, they may be able to use it on another site.
- Consider a password manager. If you struggle to remember passwords, a password manager like 1Password may help by enabling you to log into your accounts using one master password.
- Check links before clicking when on a laptop or computer by hovering over the hyperlink; you’ll see the URL it directs to down at the bottom of your browser window. On a phone, press down the link and a pop-up will give options and show the URL. This is a quick and easy way of avoiding scammy links.
- Keep your devices locked with a password, pattern, face recognition, or some other security method so only you have access to them.
- Use your own charger. Don’t use free charging stations in public. They can be exploited by hackers.
Online Shopping Safety FAQs
Is it safe to pay with a credit card online?
It depends on what you mean by “safe.” In general, yes, it’s safe to pay with a credit card online. And if you shop only at trusted retailers on a secure website with a secure connection, check out as a guest, and don’t store your credit card information, the chances of your credit card info being stolen are small.
Still, if your card info is stolen and used fraudulently, you won’t be on the hook for a huge credit card bill. One of the benefits of using a credit card online is that credit cards come with protections that debit cards don’t. If your credit card number is somehow stolen and used illegally, your credit card company will typically contact you to verify the unusual charges, reverse them if fraudulent, and most likely send you a new card with a new number.
What’s the safest way to pay online?
Credit cards are by and large safe, but if you want something even safer, you can use a virtual credit card if available. Doing this means a retailer never has access to your real credit card information. You can use a virtual credit card just one time if you want additional protection.
Third-party payment services like PayPal, Google Pay, and Apple Pay are also safe and very widely used.
How do I protect myself when buying online?
When it comes to navigating anything online, think like a skeptic. Make the stores you shop with earn your trust, and don’t assume that everything that lands in your email inbox is legitimate, even if it looks like it is. Follow the advice we’ve shared here! An ounce of prevention is worth a pound of cure when it comes to the headaches, frustrations, and potential financial losses that can happen if you’re a victim of fraud.
Erin Danly is a freelance writer whose work focuses on marketing content and verbal branding for B2B and B2C clients. Before turning to writing, she was a pastry chef and a psychology lab manager at Columbia University. Erin lives with her family in Mt. Pleasant, SC.