Online Safety > Online Shopping

Online Safety Online Shopping Online Safety


While online shopping is now a common way to acquire goods and services, cybercriminals continue to find sophisticated ways to target online shoppers. As convenient as online shopping may be, it is important to know how to do it safely and avoid falling into traps created by cybercriminals.

Cybercriminals often create scams centered around current events, like the holiday season, or sought-after items. Do not fall for these online shopping scams.

Use these steps when shopping online to stay safe and avoid having your money or information stolen:

Do not use public Wi-Fi.

While many areas have public Wi-Fi connections available, these may not always be safe. Cybercriminals can spoof, or try to mirror, an organization’s network to make it look legitimate. If you join one of these spoofed networks, they might see everything you are doing and try to steal your information.

Check site security before you buy.

Make sure the websites you use are secure by checking to see if they have HTTPS protection. You can do this by looking for a padlock next to the address bar or another indicator that marks the site as secure.

Use strong and unique passwords for your online accounts.

Create a password that is at least 15 characters long, and use a combination of letters, numbers, and punctuation. Keep your passwords private; never share them with others.

Shop with reputable retailers.

Make sure you are dealing with legitimate businesses. Retailer websites can be spoofed and used to steal your credit card information. Some sites may also claim to sell name brand goods at a heavily discounted price; however, these transactions may lead to you receiving fraudulent products. Read reviews to make sure you are dealing with a reputable retailer before giving them access to your personal information.

Avoid clicking on suspicious links with offers that seem too good to be true.

Cybercriminals will use tempting deals on products to send phishing emails and create malicious advertisements on social media to lure you into visiting malicious sites. If you enter your account username, password, and/or payment information on these fake websites, it can lead to data theft and financial gain for cybercriminals. Clicking on suspicious links can also lead to malware being installed on your device, which cybercriminals can use to access files.

Keep your device software and apps up-to-date.

Carefully review and install software patches as soon as they become available, especially for your operating system. Follow this same step for any app updates on your device as well. This reduces the amount of time that you are vulnerable to an attack.

Pay with a credit card instead of a debit card.

Credit cards give you access to a line of credit and usually offer stronger fraud protection than debit cards. If you visit a malicious site and are fraudulently charged, you may have an easier time working with your credit card company to reverse the charge. If you use a debit card, that money will likely be taken out of your bank account immediately and it may take a while to regain access to your funds.