Blog, Events & News
5 Online Shopping Security Tips to Protect Your Data
By Sabrina / 31st Mar 2021
Protecting yourself when paying online is very important. It’s a scary thought, but fraudsters have lots of ways to sneak in and steal credentials, bypass security and make victims of online shoppers.
As we have discussed previously on this blog, criminals don’t just rely on traditional “hacks” to exploit technology. Increasingly, bad actors are using sophisticated bots to exploit business logic in order to breach security and carry out attacks.
However, there are several things you can do to keep yourself safe online especially when shopping. Below are the top tips for secure online shopping:
Pay using a credit card
Debit cards usually don’t have the same security protection as credit cards, so it’s a good idea to check your terms or stick to using credit cards when buying online. Credit cards and payment services usually provide more protection.
Using a credit card may also allow you to claim a refund from your card provider if a purchase does not arrive or is faulty. Alternatively, online services like PayPal mean scammers will not be able to get hold of your bank details.
Use strong and unique passwords
Always choose strong passwords for your online accounts. Many websites and apps have applied requirements to increase password strength, but even when they’re not required, it’s best to follow these guidelines: Using a combination of upper case, lower case, number and special characters can make your account more secure.
It is also very important not to share passwords across multiple sites, as if even one of these services is breached, criminals will be able to carry out attacks like credential stuffing and account takeover (ATO) to access your accounts elsewhere. From here your assets or credit could be stolen, changes or sold on the dark web.
Although it’s tempting, you should also avoid sharing your passwords with friends or family members, especially for services like Netflix, as this takes control away from you and could put your credentials at risk.
Use a secure website
Before entering any personal or credit card information when you’re shopping online, look to see if the web address on the page begins with “https”, not “http”. The S stands for secure.
You should also look out for a padlock in the address bar next to the website address. Clicking the padlock symbol should allow you to see information on the website’s security certificate.
You also want to make sure you are buying from a real online address. Malicious links, often sent in unexpected emails or on fake social media profiles, can be dangerous to you upon arrival on the website, especially the checkout process where you will enter sensitive payment information.
Don’t use public Wi-Fi
Avoid making financial transactions using public Wi-Fi connections. Your everyday mobile data is more secure than public Wi-Fi. Public Wi-Fi is often unsecure, which means any information you send while connected to these networks could be accessed by fraudsters.
If you do need to use public Wi-Fi, always use a professional and reputable VPN (virtual private network) to keep your information secure when you shop online or browse.
Updated software and virus protection
A regular and important tip for shopping online is to use a good antivirus and keep it updated to the latest version. It will keep you safe against the latest known malware and threats.
Make sure you at least have an updated browser when you order things online. These updates often contain changes which help protect you and your devices from scammers and online criminals, so while it might seem like an inconvenience to update your operating system and applications, doing so helps keep your data safe online.
Online shopping doesn’t have to be dangerous
Reputable eCommerce websites should generally have a bot mitigation solution in place, preventing access by malicious bots and improving online shopping security. But as these bots get more and more sophisticated, so should the defences put in place to stop them.
At Netacea we keep track of emerging automated threats and use our Intent AnalyticsTM engine to help our clients continually protect their genuine customers to make sure they can shop securely.
- Uncovering Bots in eCommerce Part One: Carding
- Account Takeover – The Attacker Mindset
- Bad Bots 101 – Credential Stuffing