Authored by: Avesta Hojjati, Head of R&D at DigiCert
As we saw when the world began rushing to panic buy toilet paper, one of the main ways people are responding to the COVID-19 global pandemic is by changing their shopping habits. But what started with stores struggling to stock their shelves is now shifting to online orders and deliveries.
As more people take advantage of shopping online, it is increasingly important to keep the internet a safe place for transactions. Here are a few tips to help:
Six Tips for Secure Online Shopping
1. Examine a site for trust indicators
In-store you have the advantage of seeing firsthand the inventory and employees, so when online shopping you have to look for other trust indicators.
First, check to see if the website you’re using is legitimate. For many years, internet users were told to “look for the lock” to know that a website was secure. But in 2019, several browsers changed how they display authorized sites. Consumers can look beyond the lock by clicking on the padlock to view the certificate information and organization details. At the very least, do not use sites that fail to use encryption for transmitting data, commonly known as TLS/SSL encryption.
Additionally, you can ask yourself a few of the following questions to determine whether a site is trustworthy:
Do they have terms and conditions or a return policy listed?
Do they have a secure site seal?
Are there grammar and spelling mistakes?
Do they have reviews?
Do they have a social media following?
And, most importantly, is there contact information listed in case you need to get in touch with the company about your order?
Questions like these do not guarantee that a site isn’t a scam, but they are helpful guides in determining whether or not you should trust a site.
2. Protect your data
Don’t give out more information than you need to. For example, you will not be asked to give your date of birth for purchasing water online, but if purchasing alcohol, the merchant will need to validate your age. If you’re asked for very personal information, call customer service to see if you can use other identifying information. If not, remember you can always walk away.
You should also choose strong passwords that have a complex set of lowercase and uppercase numbers, letters and symbols. Don’t use personal information as your password and avoid using the same password on multiple accounts. If available, you can use the guest checkout option instead of creating an account.
Avoid suspicious forms of payment, like sending money to a random PayPal account, or mailing cash or a check. if you’re worried about a transaction, you may wish to use a credit card, which usually has the best liability protection. Still, check your statements regularly and make sure you don’t see any fraudulent charges.
3. Update your software
Regardless of what kind of device you use for online shopping, keeping your software up to date can prevent cybercriminals from exploiting a weakness. Particularly, make sure that your browser is up to date, and do not install suspicious software or plugins.
4. Treat deals in your email with suspicion
Advertisement emails are often malicious and pretending to be legitimate businesses. For example, during this pandemic you might see emails with deals for buying masks or sanitization. However, individuals should exercise caution with any email or social media post with a COVID-19 related subject line, attachment or link. Generally, it is better to copy the website URL, inspect it then paste it into a browser instead of clicking on links in your inbox.
5. Beware of deals that seem too good to be true
If something seems too good to be true, it probably is. The most powerful defense against online shopping scams is common sense. Also, beware of subscriptions to ads, which can be dangerous because they can spam your mailbox with malicious emails.
6. Be ready to act if your order doesn’t arrive
Save the receipt and order confirmation information. If your order doesn’t arrive, hopefully you checked the site for contact information so you can call the merchant. If you can’t reach anyone, and you suspect foul play, report the company by contacting your government regulatory authority such as CASE. As governments increasingly encourage people to stay home, the number of people shopping online will most likely continue to increase. Cybercriminals have already been exploiting the world’s online attention to COVID-19, so protect yourself and your data during this unprecedented time and always.