With the holiday season approaching, this year is set to break records for the number of purchases made online. In addition to all of the gifts to be bought, parties to be booked, and special little “I deserve it” purchases, there may be a few surprises lurking in dark corners.
Sadly, when it comes to dark corners of the Internet, they aren’t all dark and they aren’t all in corners. Information crime including the theft of credit cards and even identity are also on the rise despite the best efforts of Internet providers and search engines to identify and block them.
The end of November is a very significant time for online shopping. It includes:
- Black Friday
- Cyber Monday
- Online holiday gift shopping
- International Fraud Awareness Week
Here are some tips to help you make safer online shopping choices:
1. The best way to get your attention is with a “stunning” price
As is usually the case, if it looks too good to be true, it usually isn’t. Scammers routinely offer ridiculously priced product because that is the fastest way to get you into “buying” mode. If there is a time limit – or a limited number of units – the likelihood of a scam is even more of a red flag. They like instill a sense of urgency. Unless you know the company you’re buying from, we recommend moving along to another option.
2. The best scams don’t look like scams
Scammers work hard to produce a site that looks legitimate. Testimonials and links to recognizable sites that appear trustworthy. All of these things work toward building your trust. There are however little inconsistencies to watch for. How old is the site? Is it listed in Google? Does it list a business address? A dispute resolution process or Terms and Conditions?
3. Usually the scammers don’t get reviews
If you search for the site on Google, do you find links from credible sources? If you can’t find more than a few links, the site either very new (possible red flag) or completely falsified for the purpose of collecting payment or personal information. Also keep in mind that scammers create their own reviews. Beware of anything that only has 5-star ratings. Legit reviews always have the odd disgruntled person who didn’t have a perfect experience.
4. Safe payments take hard work, and a new site might not have put in the effort
In order to safely take payments from online customers, a site needs to have an online payment processor. Recognized credit card processors generally have information about their service in the checkout process. Many have systems that can confirm the identity of the site in use. In addition, a quality online seller will have an SSL certificate. The Secure Socket Layer Certificate provides an encrypted connection between a purchaser’s browser and the website. These SSL certificates are also issued by organizations that can establish some level of legitimacy for the site or domain name. The address bar of your browser will usually show a “lock” symbol of some kind to indicate that the connection is secure and will say “https” instead of “http” (note the “s” for secure).
5. Look for a “real” owner
Take a look around the site. Does it have a contact address? A phone number? Do they check out? If you aren’t sure about the site, try calling the phone number. Most scammers don’t pay a staff to answer the phone. Check the address on Google Maps, and ask if you believe that business would operate from the location you find.
6. Watch out over WiFi
Remember when you’re on the go, you can’t guarantee who owns the network you’re connecting with. If you’re using a public WiFi connection, your data could end up in the public. Stick with your cellular provider, a wired connection, or a home network that you trust for better securing your online transactions. I make the same recommendation for people who travel. Be very careful on public WiFi and public computer kiosks. Best to have your own device and obtain a local travelers SIM card. Many countries have great deals for visitors.
7. SSL protects your connection but doesn’t protect you from who you connect to
As mentioned, SSL protects your connection to the webserver. What it does not secure is where any data you submit to the site ends up. A simple form with your personal information and a credit card number is enough to commit identity theft. Several organizations implement inadequate security measures and have the results of online website forms submit to unencrypted email accounts.
8. Review your online account settings
This should include social networks, email/web hosting providers, online shopping, etc. Many have privacy and security settings. You would be surprised what the defaults are on most of these sites. Certain social networks make much of your information public and many sites share your information with third party organizations.
9. Keep personal info personal
Identity theft is real. The more information you have out there, the easier it is for them. Does that site really need to know your birthdate and mother’s maiden name?
10. Develop good password habits
Make them long and strong. Keep your different accounts unique and try to have a system to remember them. For example, try taking the first letter of each word in a song. TMOttBG@1908 (Take Me Out to the Ball Game)
11. Ensure the website address makes sense
Most email clients and web browsers allow you to see the website address it will go to if you hover on a link (without clicking on it). You can catch 99% of the fraudulent emails by noticing these discrepancies and not clicking on those links or opening suspicious attachments. There are many fraudulent websites that are phishing for your personal information or money. e.g. ipaypal.com, myebay.com, ssl-adobe.com – these are all fake and not the actual legitimate website.
12. Consider a low limit credit card
Obtain a second credit card with the lowest limit possible (e.g. $500). Do not increase the limit. Ensure your bank doesn’t automatically increase it. Use this credit card for your online purchases. Yes most credit cards help protect the card holder against fraudulent charges. But it’s a hassle! Your card is cancelled, you need to wait for the new one to arrive, you need to sign forms declaring you did not make those purchases, you need to update all those automatic payments with a new card #, and it is a big waste of your time! Minimize the potential damage with a small second card.