Online shopping has become very popular around the world. First of all, it’s convenient, and people can shop around, find the best prices, and have packages delivered right to their doorstep without ever having to leave the comfort of their homes. In fact, back in 2016, reports say that over 1.66 billion global digital buyers were active. However, also in the same year, the FBI’s Internet Crime Complaint Center received around 300,000 online-theft complaints, with reported losses in excess of $1.3 billion. There are several malicious online entities, be it fake companies or identity thieves, that can turn your shopping experience into a hassle. What can you do about it? Don’t click the purchase button until you check these crucial tips for safe online shopping.
Nowadays, online shopping is thriving, while physical stores struggle. There’s no denying that Amazon and other online retailers have changed consumer behavior radically and encouraged other big retailers like Walmart and Target to beef up their own online presence.
Online shopping has grown tremendously to the point that you can find anything to purchase over the internet, be it clothes, airline tickets, sporting events, concerts, and more. However, an online purchase involves more than just getting lower prices and convenience.
While shopping online, you might be paying more than you think, and we’re not talking about your money. You never know who’s lurking in the digital realm, aiming to lure you in and harvest your personal and sensitive data.
Cybercrimes are increasing, and each year we get our fair share of incidents of such behavior. Back in 2018, more than 16,128 cases of online identity theft and 65,116 cases of non-payment or non-delivery fraud were reported to the U.S. Internet Crime Complaint Center.
If you check the image above, you’ll notice that identity theft doesn’t have that many cases as other crimes do. However, non-payment or non-delivery fraud ranked first, which shows how common this practice is by cybercriminals.
So, you might ask yourself: How do they do that? What are the top online shopping risks you should be looking out for? Find everything you need below:
Let’s begin with the most obvious and common one, Fake Stores. While retail apps and social media stores are adding to consumers’ online options, cybercriminals aren’t just sitting still, they’re keeping pace.
The internet is a host to a lot of fake online stores, and it can literally trick people into purchasing products. But the truth is that whatever the customer is purchasing isn’t really for delivery. Users will get to see amazing offers and deals, but in reality, these are just a way to lure them in.
There have been dozens of incidents where buyers never got what they purchased, but did spend their money in the online transaction. The biggest problem is that some, if not most online shoppers cannot identify the site as fake.
Cybercriminals nowadays have the tools to make their websites appear to be as legitimate as they can be. They can mimic trusted retailers, using familiar logos and slogans and a URL that’s easily mistaken for the real thing. These changes are not that obvious and are easy to miss.
Moreover, there’s a malicious scam that goes by the name of “Homographic attack,” where a hacker makes use of different characters that look alike, making you think that you’re visiting the actual website you’re looking for.
You can identify such websites by keeping a keen eye on them. Most of you don’t check the source. In fact, 37% of Americans came clean about not checking a retailer’s website for authenticity. They just click on whatever deal that pops up if it says the right things to grab one’s attention.
Malware is a dangerous thing on the World Wide Web. This kind of software can do a lot more damage than you think. It does not just lie in fake websites, even official online stores are hit with malware every now and then. As a result, it spreads to all the users who visit the site.
Launching an infected website will allow the malware to attack your system. A while ago, Amazon suffered a massive data breach. A hacker that goes by the name of 0x2Taylor hacked into the servers of the electronic commerce giant and stole the login credentials, as well as personal information of over 80,000 customers.
Moreover, there was 597.4 MB leaked data includes usernames and encrypted passwords of Amazon Kindle users. It’s not just that. American Outdoor Brands found an issue with one of its websites, which sells mostly shirts, accessories, and hats.
The malware infected its checkout pages to steal payment and personal information of shoppers. The breach affected more than 780 people.
Another way online shoppers are affected is by clicking on ads that pop up inside the page they’re visiting. Ads are something normal during your browsing activities. Many online businesses and websites generate revenue from them.
However, not all ads present on a page may be genuine, though. They might look legit, appealing, and hard to ignore, but as soon a user clicks on them, the ads ask him/her to register and submit their personal information. That’s how a scammer can easily acquire the data he’s looking for.
Not long ago, adware was found on apps installed eight million times from Google Play. They’re disguised both as games and utility apps. The researchers say that these apps make their way to the device’s configuration data and start bombarding users with ads that profit the attacker.
Some of you might think of such ads as annoying. But in reality, there’s more to it – they can really pose a dangerous threat to your privacy.
If you do not take proper precautions to protect your data, sooner or later, you’ll find yourself dealing with a malicious online doppelganger living his life at your expense. Identity theft is rising, and it continues to pose a real threat for consumers as cybercriminals are developing new mechanisms to commit fraud.
In general, if someone steals your personal information, such as your Social Security number, credit card number, and use them to make a purchase or commit other fraud, that’s identity theft. When it comes to online shopping, a cybercriminal leverages stolen payment information or fraudulently acquired bank accounts to attempt online transactions without the account owner’s knowledge.
In 2017, 16.7 million reported victims of identity fraud in 2017 in the United States only. The attacks targeted Delaware, Oregon, and Florida. However, Oregon suffered the most among the three.
According to recent reports, the number of consumers who fell victim to identity fraud reached over 14.4 million in 2018. During the same year, consumers reported losing about $1.48 billion related to fraud complaints, which is more than 2017 by $406 million.
The problem affects all ages. However, seniors tend to be the main targets here since, according to studies, people become more trusting as they age. It’s harder for older adults to detect fraudsters
Young adults experience their fair share of identity fraud, but when old people fall victim to it, the damage is much higher.
This incident is one of the most common and easy ways to take over a person’s personal information. Phishing emails are normal emails from hackers purporting to be from reputable companies, in order to encourage individuals to reveal personal information.
Such emails include a certain link in which a user is required to submit data, such as passwords and credit card numbers. You might be getting an email from Amazon or your Bank. However, that’s not the main problem here. What’s really concerning is that around 97% of internet users cannot differentiate between a phishing email and a real one.
Back in February, fraudulent emails were issued by the Chief Executive’s Office. They were phishing attempts, and a spokesperson appealed to members of the public to stay alert of such incidents.
Unfortunately, more than 30% of phishing messages get opened by targeted users, which is really bad. You never know what a single email would do. A while ago, an email was used to gain access to thousands of Hillary Clinton and DNC emails.
If you receive an email that looks like this, just head over to the website’s official page manually. Whether it’s your bank or Google, visit the official website and do what’s required there. Never click on a link blindly.
Online shopping has become so convenient that it’s easy to forget about the dangers it has on our personal information. We should always be alert and take proper precautions. Otherwise, our data might end up in the wrong hands.
You don’t have to stop shopping online to prevent such risks from targeting you. Fortunately, there are several steps you can take to shop safely online and ensure your data, credit card information, and of course, your peace of mind. Here’s what you need to do:
It’s simple, use a trusted website. Search results can illude and lead you astray. You might end up using a malicious site that’s going to harvest your data the moment you visit it. If you know the website you’re visiting, chances are it’s likely to happen.
If you still want to use this new/unfamiliar website, dig a little deeper before you make any purchases. For example, user reviews can help a lot. Any negative comment can open your eyes to whether this website is legitimate or not.
But don’t take bad reviews as your ultimate guide. A lot of companies receive bad reviews from time to time. Therefore, it’s important to cross-reference such reviews from different sources and check the credibility. In the end, we don’t all have the same taste.
In other words, only shop using sites of brand-name retailers you already know and trust. However, even if that’s the case, you’re still at risk. Some retailers might seem familiar and legitimate, but they can be hackers posing as ones.
Whether it’s Amazon, eBay, or any other, make sure it’s not a fake website. Check for clues such as:
Nowadays, you’ll find dozens of websites mimicking others. If you keed a close eye on the details, you’ll find it easy to separate the good apples from the bad ones.
Whether we like it or not, great offers are very tempting. We will get lured into a page based on the deals we get. However, whatever the offer is, under no circumstance, you should purchase a product on an unsecured website.
Before you click the link on your search page, take a closer look at the initials of the website. Is there a padlock? Does it say (HTTPS)? If it doesn’t, look the other way immediately. Again, never buy anything online using your credit card from websites that don’t have SSL (Secure Sockets Layer) encryption present.
HTTP websites are never safe to submit personal information on. We don’t even encourage visiting them in the first place, let alone use your credit card. HTTPS is now a standard protocol, not only on shopping websites.
Even Google Chrome started flagging any page that does not add the extra “S” to the URL as “not secure.” We know that most internet users don’t check it, so they might not even know what it looks like.
No matter what the browser you’re operating might be, “HTTPS” is essential, so here’s a quick look at how an SSL website looks like in different browsers:
Online shopping in public places isn’t as easy and safe as everyone wants it to be. If you’re not careful, the outcome can be devastating. Public places with free Wi-Fi are attraction spots for all sorts of people, be it students, employees, tourists, and businessmen.
There’s nothing better than sipping on coffee and browsing the web. However, let’s not omit the fact that it also attracts all sorts of hackers and cybercriminals. Public Wi-Fi networks are the perfect opportunity for such entities to harvest your data.
Whatever data you submit while connected to a public network is ripe for the picking. If you’re just browsing the web without entering any of your personal information, it’s not that big of a deal. But logging in to your banking accounts or payment sites is what you should avoid.
Moreover, another risk that people are not aware of is that they may be connecting to a rogue network. This method is used by cybercriminals, where they create their own network (disguised as a legitimate hotspot) waiting for users to connect.
The moment they do, the host (hacker) can intercept the data, monitor it, collect it, and even install malware on the connected devices.
Bottom Line: Whatever it is or whatever you need to do, it’s never a good idea to shop online or sign in to any website with your credentials while you’re connected to public Wi-Fi.
We intentionally placed this part after the Public Wi-Fi section due to it being one of the best solutions to the problem. A Virtual Private Network is a cybersecurity tool that creates a “secure tunnel,” where data sent over a Wi-Fi connection is encrypted, making all that data sent and received fully shielded.
The moment you establish a connection, the VPN protects your data with military-grade encryption and cloaks your IP address, making you fully anonymous. However, certain privacy features cannot be found anywhere.
BulletVPN works with 256-bit AES encryption, which is the best in the industry. Moreover, with servers across 50+ countries, you can seem to be browsing the web anywhere. So, whatever website you visit, whatever data you submit, it will only look like random bits and numbers to hackers lurking around in public places.
Furthermore, BulletVPN offers two options to enhance your privacy. First, you have a kill switch, a tool that terminates your internet access in case a sudden drop in the VPN connection occurs. You don’t want your data to flow through unprotected servers in a public place.
Second, there’s Bullet Shield, a technology that wouldn’t even allow you to connect to the network unless you connect to a BulletVPN server first. That way, you’ll know you’re protected from the beginning.
In other words, with BulletVPN, it’s next to impossible for anyone to track what you’re doing and harvest your data even if you’re connected to public Wi-Fi.
Taking care of your device is one step closer to shopping safely online. As a first step, update your software regularly. Too many users put it off, but your OS is updating for a reason. They are often released to help improve the device’s security and fix any previous bugs they might have missed before.
Moreover, an update is a way to enhance the means your device has to fight off attacks that are being developed constantly. It might be a bit frustrating for some users to just sit around and wait for their device to go through updates and restart, we get it. However, the security benefits they’ll be getting from a 20-min wait are grand. So, the next time you get an update notification on your device, do it.
On the other hand, getting a premium Antivirus is pretty essential nowadays. You have to protect your device from any possible malware, virus, or malicious software attack. A credible anti-virus can fend off online threats looming around, be it suspicious emails, phishing attempts, or embedded tools.
Moreover, antivirus programs also make regular background checks to see if any irregular shady activities are present. Try to get a tool that updates regularly. If not, then you have to update the software manually every now and then. It’s a very important procedure, otherwise, they can let in any new threats, and it’s evident, there are always new threats.
Most internet users don’t even bother to change their password. Some may update it on an annual basis, while others regularly do that. It’s very important to shuffle those letters, digits, and symbols to maintain a secure unrecognizable password every now and then.
Every time you change your password or create a new account, make sure that the codes you’re using are difficult. If you don’t know what to use, you can always operate with a password generator. This tool can come up with very difficult-to-memorize passwords, not even you could recall.
If that’s the case, you can use password managers to store them. No matter how many accounts you have, make sure that each one has a unique password. You don’t have to worry about the number of passwords, you have a manager for that.
On the other hand, check if the online shopping store offers a two-factor-authentication (2FA) within its services. That way, if a breach occurs, you can take matters into your own hands before anything is done. With this feature, if the hacker cracks your password and signs in with your account, he’ll have to insert a verification code sent to either your email or mobile.
While using your credit card might be the fastest way to purchase items online, some websites may provide a “middleman” service to do so. This way you won’t be submitting your credit card account details, which is the main point of this.
For example, when you use the likes of Paypal, you first set an account, make the payment through the service itself, and then it passes your payment to the merchandise seller. During the process, your credit card number cannot be seen by the seller or whoever might be tracking your activities.
Another option would be prepaid cards. Your credit card might have a high spending limit of up to thousands of dollars. With a prepaid card, you can decrease that to the amount you need to spend. If someone manages to get a hold of that, they’ll have little to no money to spend.
Such prepaid cards are very popular among streaming platforms, App stores, and gaming consoles. Commonly known as gift cards, used to purchase subscription plans, buy applications/games, and so many more. You pay a certain amount of money, get the gift card, and fill up your e-wallet with a certain amount of cash.
Cryptocurrency is another way to shop online anonymously. If you use Bitcoin, your identity and credit card information cannot be traced or compromised. The bottom line is: Avoid your debit card while shopping online. If someone manages to grab its numbers, your whole bank account would be compromised.
Security threats are everywhere, and online shoppers aren’t the only ones concerned about them. Now, it’s pretty standard in brick-and-mortar stores to purchase items using your Smartphone. It’s so much more secure than using your credit card.
Nowayads, you don’t even have to take your credit card with you if you’re visiting a place that accepts phone payments. Apple Pay and Google Pay are the two leading mobile payment apps in the industry. They both generate a one-use authentication code for the purchase that no entity can harvest or make use of.
But you might be asking, what does this have to do with online shopping? Technically, the service is not available on every online store, but some websites and apps support it. We’re talking about the likes of Airbnb, Groupon, Staples, Starbucks, Ticketmaster, Fandango, and many others.
So, using your mobile is a lot more secure than submitting your credit card information every time you want to purchase anything.
One of the easiest task, yet essential tasks you can do is to check your credit card statements. Don’t put it off till the end of the month, you might get upset with the results. Every time you use your credit card online and even after getting the item, check your bank statements.
Keep a keen eye on any irregular activities. Remember, there’s more than one way to get to your money, so you better also check the payments originating from the likes of Paypal. Once you see something wrong with the statement, give your bank a call and address the matter quickly.
You’ll definitely feel guilty if your credit card information got stolen, but don’t hesitate to contact your bank. It’s better to do so within a 30-day period, Otherwise, you might be liable for the charges.
Online shopping is not the same anymore. In fact, it was never safe, to begin with, users just ignored or didn’t know about that fact until now. The risks of online shopping without precautions can have devastating effects in terms of privacy and security. You don’t want to lose your money just because you were intrigued by a certain item online.
Online shopping can be relatively safe and stress-free if you follow these safety tips included in this guide. Don’t go online blindfolded, learn all about the risks the internet brings. Eventually, with the right information, we can all be smart online shoppers.