How to be a Savvy online Shopper

Be cyber savvy when shopping online

Black Friday and Cyber Monday have become two of the main shopping events in people’s calendars throughout the year. It’s a great time to find deals and bargains in the run-up to Christmas, but unfortunately, it also means that online scamming and security breaches are rife, so your cybersecurity could be compromised. Don’t let this put you off filling your cart though – instead, making sure you’re aware of the risks is the key to mitigating online scams. Therefore, we’ve provided some top tips for you to follow to ensure you are security savvy when shopping online.

So, what can I do to ensure I’m shopping securely online?

With the festive season upon us, we will be buying online more than at any other time of the year, but don’t let that Christmas spirit distract you from protecting your security when shopping online!

Rather than the 12 days of Christmas, we have come up with the 10 Golden Rules of Christmas Shopping to help you safely navigate your online transactions! These tips are useful across any aspect of your personal and work life, so ensuring they become habit is the best way to stay safe all year round.

10 Golden Rules to follow when online shopping

Rule 1: Stay up to date

The first step to a safe online shopping experience is making sure your device (be it mobile, tablet, laptop or desktop PC) has up to date security software running. Most modern anti-virus software can help to keep you safe when shopping online, and don’t forget your device’s operating system (base software, e.g. Windows, Android, iOS, etc.) as this will also be updated with security patches periodically.

Rule 2: Don’t trust open WiFi networks

If you’re shopping from a mobile device, be very wary of using public or open networks, such as those in coffee shops, airports or other public spaces. The data going to and from your device over these types of networks is in danger of being snooped upon and should not be considered secure. If you are shopping on a device that can use a mobile network for your web access (such as 3G/4G/5G), you’re better off using your data allowance than relying on an insecure (albeit “free”) WiFi connection.

Rule 3: Check for the padlock icon

Make sure the website you are just about to enter your personal or payment details into is displaying a padlock symbol in the address bar. This shows that the website has a secure coding element known as SSL and has the more secure https:// prefix, rather than http://. This shouldn’t be relied upon on its own, as there are some ways around it, but can be used in conjunction with the other tips here to add confidence that you’re in safe hands.

Rule 4: Don’t overshare

If you’re planning on buying a new electric toothbrush, and the website wants to know your inside leg measurement and birthplace before completing your transaction, be wary. Oversharing personal data can be dangerous. Websites can get hacked, and that data could be made available to fraudsters. Consider using unique security information for each site that you set up an account for, just make sure it’s memorable!

Rule 5: Use strong passwords and Multi-factor authentication (MFA)

It’s always a good idea to make sure you use strong and unique passwords for online accounts. Avoid things that may be available via social media, e.g. pets or partners names, favourite sports team, etc. or anything obvious such as qwerty or password1. Best practice on passwords is always changing, but a good rule of thumb would be to use three distinct but unconnected words, with some number and special character substitution thrown in for good measure (i.e. TreeC4rBa!! (Tree Car Ball)). In this way you can also tailor your passwords to the account, re-using the same password across multiple accounts is a massive no-no (once one is compromised, they all are). If MFA (Multi Factor Authentication) is available for the account, this can also add a robust layer of security, as a scammer would need access to a secondary device (commonly a mobile phone) that you own to gain access, once setup. You can find out more about setting secure passwords on our previous blog

Rule 6: Do your research

Always be confident that you’re making your purchase via a trustworthy seller. Ask yourself a few questions to be sure: Are they a household name? If so, are you sure you are on their legitimate website and not a “lookalike”? Check the website address carefully. Do they have positive online reviews from trusted reviewers such as TrustPilot, Feefo, etc? Are complaints being made about them on social media? Doing a quick search is the best way to put your mind at ease and ensure you don’t lose any money!

Rule 7: Check the small print

Being aware of your statutory rights as well as the company’s shipping and returns policies before you hit that final button at checkout is vital. If there’s a long delay before your purchase can be shipped, ask yourself why. Make sure any shipping charges are stated before confirming your purchase to avoid additional charges being made against your payment method. Are you able to return your purchase for a full refund should it not be as advertised? This is particularly important if you are buying something from an international retailer as lead times might be longer and returns could be costly or difficult.

Rule 8: Credit is always better than debit

You will have more protection if you use a credit card rather than a debit card. Credit card providers have an additional layer of security and fraud protection to make sure you stay safe. Simply make sure you pay the credit card off in full at the end of the month to ensure you don’t get charged any interest. Alternatively, online services like PayPal mean scammers will not be able to get hold of your bank details.

Rule 9: Be wary of links in emails

If you receive a parcel tracking link in an email from a delivery company, are you expecting it? Can you be sure that this is in relation to a purchase you have actually made? Scammers are devious and known to send emails appearing to be from well-known carrier companies at the times when people are likely to be making an increased level of online purchases (such as Black Friday, Cyber Monday or Amazon Prime Day), tricking shoppers into clicking links that can download harmful applications or harvest personal data.

Rule 10: If a deal looks too good to be true, it probably is

Our final tip for safe online shopping dates back, in its original form, to the late 16th Century… well before online shopping! And it’s as true now, as it was then. Don’t let excitement turn off your common sense, that’s exactly the response the scammers are after! So, if something is telling you it doesn’t seem right, steer clear.