As technology has advanced, our shopping habits have changed. We have become a world of internet shoppers – even when in bricks and mortar stores. Whilst these advances bring benefits for both the retailer and customer, they also open new doors for cyber criminals who are out to steal your personal and banking details and clean out your bank account.
It has never been more important to stay safe when shopping online and so we’ve put together nine very useful tips to help you make secure purchases on the internet, whether on the laptop at home or on the phone whilst you are out.
- Always use familiar websites
One of the big advantages of the internet is its ability to let you search for the best deals. Type in a product and you can often find page after page of different shops selling the item, all at different prices. The trouble is, anyone can create an online store and put on details of products at bargain prices.
Whilst the shop could be legitimate, there’s also the possibility it is a scam. When you fill in your credit card details and shipping address these could be going straight to a cyber criminal who wants to try and access your bank account. Alternatively, they can take your money and you’ll never see the products. If you are not familiar with the website, ask your friends or search for customer reviews about the site. If these come up blank, it’s a good idea to stick to websites that you know and trust.
- Make sure you use a website that encrypts your details
When you shop online, it is possible that your name, address and credit card details can be intercepted and stolen as you pay for your goods. To prevent this occurring, websites use SSL (Secure Sockets Layer) to encrypt the information you send. Unfortunately, not all websites use SSL and purchasing from those who do not leaves your details vulnerable.
However, there is an easy way to make sure that the site you are using does have SSL encryption installed. Firstly, its web address will begin with https instead of http and secondly, most browsers will show a padlock icon in the address bar. You can see this with our address below.
If the site you are purchasing from does not have https or the padlock icon, you should think carefully about the risks involved in your transaction before proceeding.
- How to find if the company and website are genuine
As anyone can set up a website, it is always advisable to check that an unknown company is genuine before you purchase from them. Companies that sell online should provide you with relevant company information including contact addresses and telephone numbers. Searching for these online can often provide details that will confirm whether the company actually exists or not.
For UK limited companies, the solution is easier. They should provide their company name and registration number on their website. You can check this is a real limited company by visiting the Get Company Information page of the gov.uk website. All you have to do is type in the registered name or registration number. If the company exists, it will be listed.
An alternative method is to find out information about the company which owns the website. You can do this online by visiting who.is and typing the domain name (e.g. webhosting.uk.com) in the search bar. When you do, the ownership details will be provided for you.
If the business details provided on the website are different to those on the who.is results then it may be a scam website – especially if you have a website purporting to be a UK business but which has a registrant based in another country.
- Keep checking your card statements
As you will have seen in the news from the hacking scandals at Talk Talk and Ashley Madison, credit and bank card details can get stolen not just from you but from any company who you have shared them with. When card details are stolen, many of them are offered for sale on the ‘dark web’ where they can then be bought by criminals and used at a later date.
You may not know that your details have been stolen until someone starts taking money from your account. If you don’t check your account regularly, then it is possible that by the time you check your balance, your credit limit could have been used up or your bank account emptied.
When you do check, you should look carefully at all the transactions. Criminals are clever, they may steal regular small amounts so as not to raise suspicion or use your card to make payments for goods that appear as legitimate transactions on your statement. If you spot anything that looks fraudulent, contact your bank or credit card company immediately.
- Don’t take website security seals on face value
Many leading web security companies, such as Norton or McAfree, provide sites they have verified as secure with a security seal; a kind of badge or logo which they can put on their website to show that they can be trusted. Unfortunately, these images can be copied or fake ones invented. Just because a website has a security seal does not guarantee that it has been approved by the company who issues the seal.
Legitimate seals should be clickable and take you to the issuer’s website where you should be able to verify that the website you have come from has been deemed secure. However, scammers are even able to create fake verification sites. To check a security seal of a website you want to purchase from, you should visit the security company’s website directly from a search engine, not from a link on the seal itself.
- How to create strong passwords
Hackers use increasingly sophisticated methods to find out users’ passwords, so it is essential that you make it as difficult as possible for them to get access to your account. The best way to do is to create a passphrase rather than a password.
You can create a passphrase by putting four or five unrelated words together and replacing some of the letters and with capitals, numbers and symbols, for example, take ‘pillow umbrella tea shoe’ and create: P1ll0w+umbr£ll@+TEA=sho£.
Alternatively, take a memorable phrase and modify it, for example, take “To be or not to be, that is the question” and create: 2Bor-2BthtISthe? Or turn ‘Daleks say exterminate’ to: D@lXs@yXtrmn8
These solutions provide highly complex passphrases which are difficult to crack but can be easy to remember.
- Always consider security when shopping with your mobile
Mobile technology has advanced so much that we can now use our phones to pay for items in a shop. Linking your phone to your payment method offers lots of advantages: customers can track purchases, find out about deals and use discount codes for stores in their immediate vicinity.
However, this same technology gives rise to privacy issues. You can be tracked physically as you wander around a location and the places you have shopped at can be recorded. From a security point of view, you also need to be aware that any purchasing you do with your mobile phone takes place via a Wi-Fi connection and if this isn’t secure, your details can be intercepted and stolen.
The other major risk is that losing your phone or having your phone stolen means that someone can use it to pay for goods just by waving it in front of a payment device. If you use mobile payment technology, make sure you keep your phone somewhere it can’t be easily stolen and use a password lock to prevent it being used if it is lost or stolen.
- Make sure you use a safety device for online banking
Many banks issue customers with a security device to improve the safety of online banking. These are portable electronic devices, often looking like a small calculator, which are able to generate a unique, one-time use, security code, used to login and make transactions on your online bank account.
These devices make it near impossible for someone to login to your bank account as they will need the code the device creates to do so. As the device works without having to be connected to the internet itself, there is no way the code can be intercepted.
If your bank offers you the option to use one of these devices, you should take up the offer. It makes logging in a little more complicated but the security benefits are worth it.
- Why you should not use public Wi-Fi for shopping
Public Wi-Fi is a great way to access the internet when you are out and about without having to rely on your phone network to download data. However, there are risks to security when using open public Wi-Fi: cyber criminals target these networks looking to intercept data and steal passwords, login details and credit card information. If you intend to make a purchase on your phone or other device whilst you’re out shopping, you should disconnect your Wi-Fi and make the transaction using your phone network. It may be slower than the Wi-Fi but it will be far more secure.
From reading this article, you should now have a much better idea of why you need to be more vigilant when shopping and banking online, whether in the home or using mobile devices whilst out and about. By following our nine tips, you will find that your online shopping experience will be far more secure.
If you run an online business and want to improve safety for your customers, take a look at our highly secure managed dedicated server packages and cloud hosting packages. We also offer a range of SSL options.