While Holiday Shopping, Click With Care

With all the goodwill and cheer that abounds this time of year, it would be nice to think that some of it would rub off on the crooks. Sadly, of course, that’s not the case, and being the victim of fraud or identity theft is a sure way to ruin your holidays.

With Cyber Monday just two weeks away, and many online deals available already, this is a good time to brush up on your cybersecurity.

According to the U.S. Computer Emergency Readiness Team (CERT), a division of the Department of Homeland Security (DHS), the three most common ways attackers target online shoppers are by creating fraudulent websites and email messages, intercepting insecure transactions, and targeting vulnerable computers.

Therefore, Billshark wants to remind you of five ways to protect your money while shopping online.

1. Be sure the vendor is legitimate. Look for the “s” in the “https” address, and the icon of a locked padlock in the address bar or the status bar at the bottom of your web browser (depending on your browser). Watch out for misspellings in the address (honedepot.com, for example) or a different top-level domain address (such as amazon.net or .org). Check to be sure the vendor has a physical address and phone number before buying from them. Also search for reviews about them online. And beware of amazing offers of sale prices, whether online or through an email ad — the old saying that “if it sounds too good to be true, it usually is,” is usually right.

2. Keep your personal info to yourself. No online vendor needs either your birthdate or your social security number. If you buy at any public Wi-Fi spot, including libraries, cafes, or airports, you’re just asking to have your transaction intercepted. Shop at home instead, through your regular network provider, or obtain a virtual private network (VPN) to set up a secure connection for your use. Never give out sensitive financial information in response to an email request. Legitimate businesses don’t request this data through emails. If you receive an unsolicited email from a business, don’t click on the provided link. Instead, type in the address yourself.

3. Update all your software, including your operating system, browsers, apps, and anti-virus program. And be sure you have strong passwords for each site (see Billshark’s blog, “The Hidden Risks of Biometric Security”). If you’re shopping on a mobile device, restrict yourself only to apps provided by the retailers. CERT warns that there is no legal limit on your liability with money stored in a shopping app (or a gift card), so look for apps that tell you what they do with your data and how they keep it secure. Also, before providing personal or financial information, check the website’s privacy policy to see how your information will be stored and used.

4. Stick to credit cards for purchases. As Billshark discussed in “The Danger In Your Debit Card,” the laws protect you in the event of fraudulent credit card purchases, but not if you use your debit card. CERT recommends using a single, low-limit card for all your online purchases, or when using a payment gateway such as PayPal, Google Wallet, or Apple Pay.

5. Keep an eye on your accounts. In the midst of all the holiday hustle and bustle, you may think the last thing you have time for is frequent checks on your credit card and bank accounts, but in the event of a breach, the faster you discover it, the better. Keep records of all your online transactions, including the product description and price, the online receipt, and the emails you send and receive from the seller, then compare them to your statements. If you spot a discrepancy, report it immediately.

Make sure to protect yourself, your wallet, and your identity this holiday season.