Online shopping safety tips - what’s the safest way to pay online?

29 Mar, 2021
John Tunay
John Tunay
Technical Product Marketing Manager
Whether you’re shopping for the holidays, or simply browsing online shopping sites to look for bargains on your favorite items, it’s advisable to take a moment to ask yourself, are you shopping safely?  
It’s important to keep in mind that whenever you go shopping online, it’s also the time when hackers go "shopping" for consumers' personal data such as your bank account, credit card or debit card number, or other financial information. 

In fact, during the 2018 holiday season QZ reports that 91% of eCommerce sites’ global login traffic came from attacks called "credential stuffing." That’s also why 71% of Americans reported that they are concerned about identity theft during the holiday shopping season.

To protect your personal identity from prying eyes, it’s important to  understand the latest cybersecurity threats and what you can do to make safe online purchases.

Cybersecurity threats when shopping online

Here are four tactics frequently used by hackers to steal online shoppers' Data:

1. Phishing and spear-phishing:

These occur when hackers trick victims into sharing information, such as passwords or credit card numbers (e.g., over email or a spoof webpage.) While phishing attacks are broad-stroke attempts, another form of this is called spear-phishing attacks which often contains information specific to the victim.

2. Malware:

While it’s commonly known that spyware and viruses infect consumers' computers when they open an email attachment or click on a malicious link/pop-up, it’s less known that once infected, hackers can use the malware to steal credit card information, and hijack a computer.

3. Ransomware:

This is a specific kind of malware attack during which hackers encrypt the information on victims' computers and demand a ransom to be paid to unlock the Data.

4. Data theft:

This occurs when hackers convince victims to voluntarily give up their Data or purchase login credentials from dark web marketplaces. In this case, they then use the information to make fraudulent purchases.

7 ways to pay safely online 

1. Purchase from reputable eCommerce websites

Look for "https" in the URL and trust badges on the checkout pages to ensure that your information is encrypted.  You can also  check the address bar for a lock icon which will let you know at a glance if the site you’re visiting is SSL secure. 

Be cautious when clicking through shortened URLs also. Such URLs are designed to be “mobile-friendly” but it can be dangerous because you can't tell where they are pointing to.

You should also check that the merchant is PCI compliant before submitting payment information on the checkout page.

2. Quit suspicious online transactions

If it’s too good to be true, it probably is. If a website asks for more personal information than necessary to complete a transaction, or is filled with pop-ups and ads, quit the transaction and close your browser. Chances are, these pop-ups are designed to mask other activities that compromise your online shopping security.

3. Don't use public, unsecured Wifi to make online purchases

Most Wifi hotspots actually don't encrypt Data, so with the right security software your Data can be picked up easily by hackers. That means you should wait till you have access to a secured network before placing your online shopping orders. If there are no other networks available other than a public wifi, ask yourself “is it safe to order online now, or should I complete the transaction later?” – chances are it’s the latter.

4. Monitor your credit card statements and credit scores regularly

This will help nib fraudulent charges in the bud and prevent hackers from using your personal information to open credit lines. Look out for small charges to your credit card made from unfamiliar shopping sites as thieves usually “test the waters” with small transactions before they make major ones later to trick your bank.

5. Be careful when shopping on mobile devices

Most phones are not  equipped with anti-virus software and that is why it is important to be careful when using it for shopping online. Also, make sure any personal information you store on your phone is password-protected in case the device gets stolen.

6. Don't click on links in suspicious emails or ads

When visiting  a link, right-click the URL or ad and copy-paste the URL into the browser to make sure that you're going to a reputable website. Always, check the link before visiting or entering any financial information to avoid being a victim to phishing attacks.

7. Keep your operating system and software applications up to date

This will help ensure that you have the latest security patches required to protect your computer from the most recent viruses and malware. Always update your browser of choice especially if you store your credit card or debit card information on them for faster checkout – a compromised browser is a window for hackers to steal your financial information.
We know you’ve probably already heard most of this before, and you might be thinking, it sounds like "common sense" for anyone living in a connected economy. But, what usually happens is we take this knowledge for granted and forget just that one time. And, that’s when it happens. It only takes one time to be hacked. 

There is however one thing missing from this list that is not common sense.  To protect your personal  information and Data, there’s no denying you should at least have a trusted anti-virus software installed on your computer or mobile device.

Every Windows PC comes with Windows Defender, but there’s many other free anti-virus software on the market which are effective at detecting  known malware. But remember, even though anti-virus software protects you from known threats, you’re still vulnerable to unknown malware that remains undetectable by anti-virus software until the next routine update.

The truth is, the best anti-virus software detection rates are only 99%, but at SecureAge, we created a solution that captures threats that fall outside the 99%. This is important because more often than not, ingenious novel new threats find their way into existence and we usually don’t learn about them until it’s too late. Usually this is when it’s in the news 6 months later!

That's why an intuitive application control like SecureAPlus can make a world of difference. Powered by AI, this security software can identify malicious patterns on its own without relying on definition updates. Most importantly, it blocks first and asks questions later. A personalised allow-list is created which will deny both known and unknown threats, and when the AI is in doubt, rather than deny by default, (which can have unintended consequences), it will alert the user thus giving 100% protection. SecureAPlus works in tandem with various cloud anti-virus scanners, to protect and inform without interfering with existing systems or user processes. That means, you don’t have to sacrifice any AV that you’re already using, SecureAPlus is compatible. 

Put simply, the SecureAPlus approach puts you ahead of the threat instead of being at the mercy of malware or virus updates. This is particularly important during seasonal times of the year when thousands of malware are released daily and you need immediate protection against evolving threats to ensure your personal information is safe.

Shop online safely with SecureAPlus. To find out more about SecureAPlus, visit https://www.secureage.com/products/endpoint-protection-platform.

Our website uses cookies to ensure you get the best experience and can find what you need. Read our cookie policy