How to stay safe while you shop online this holiday season
Whether you’re shopping on your Android, iPad, or being "old-fashioned" and using your home PC, follow these tips to keep your credit card and other sensitive information safe.
Shopping online with your smartphone or tablet.
A staggering number of people will use their smart devices to shop online this holiday. Cybercriminals know this, and they’ve been planting malware-infested apps, malicious links, and spyware in order to steal our personal and financial data while we shop. Here’s how to keep your info away from them:
- Know your apps: Download apps only from a trusted source, like the Google Market, Apple App Store or Amazon App Store. Closely scrutinize the permissions the app requests, and don’t install it if it wants to access certain functions that it doesn’t need, such as the ability to send SMS messages. User reviews are also helpful.
- Lock your device: Most smartphones and tablets give you a choice of locking the device with a password, numeric code or pattern. Take advantage of this – if nothing else, you’ll prevent practical jokesters from emailing your boss if you leave your device unattended.
- Explore mobile security services: Mobile security apps provide lost device protection, secure web browsing, and antimalware services. Webroot offers several free and premium versions of Webroot® SecureAnywhere™ for protecting devices on the iOS and Android operating systems.
Shopping online with your PC.
The bad guys will be using every trick in the book to compromise your credit card numbers and identity while you bank, shop, and browse from your PC. Throw a wrench in their plans by following these simple steps:
- Go straight to the site: Type a store’s Web address directly into your browser instead of using a search engine to retrieve it. Cybercriminals plant malicious links that look like popular sites within the first few pages of search results. And use care when clicking through from emails you receive from banks, shipping services, and other companies. Phishing scams often request you to "verify your account" or "confirm your billing address" through what is actually a malicious website. It’s best to access you account directly from the website.
- Recognize secure websites: Before you make a transaction, look at the web address. Secured websites start with "https" instead of "http" You can also right-click anywhere on the web page and select "Properties." The dialog box will tell you if the site is encrypted or not.
- Use coupons with caution: Applying a coupon or discount code to your order can save a significant amount on your purchases or shipping costs, but make sure you know what to look for first. How to use e-coupons safely…
- Update like crazy: Your computer (and any web-enabled device) should always have the most recent updates installed. After all, most updates address security weaknesses, so they should not be ignored.
- Secure your wireless: Make sure your own personal hotspot is secure with a password. As with all your passwords, make sure to use a variety of numbers, letters, and symbols. Learn how to create stronger passwords…
- Know who you’re buying from: Look for seals and other signs that show a company’s accreditation. Don’t use an e-store that requires more information than necessary to make the sale. Expect to provide some method of payment, shipping address, telephone number, and email address, but if the merchant requests other information walk away. You never want to give them your bank account information, social security information, or driver’s license number.
- Avoid ‘too-good-to-be-true offers: Any e-store that promises too much at too low a price is suspicious—especially when the message is extremely urgent. If the price is too low, consider whether the merchant came by the items legally, if you will ever receive the items you paid for, whether the items are actually the brand shown, or if you will be able to return damaged goods.
- Use a credit card rather than a debit card: Credit card purchases limit your liability to no more than $50 of unauthorized charges if your financial information is stolen, which is much better than assuming all of the charges in the event of theft. You may also want to consider designating one holiday credit card; this way, if the card gets compromised, you can quickly shut it down without impacting any other transactions.
By Alex Fairbanks
*Webroot Research, November 2011.