The Do's and Don'ts of Online Shopping
Take these precautions to lower your risk of becoming a victim of fraud or identity theft.
More consumers are expected to do their holiday shopping online this year – about 47% compared with 44% in 2010, according to a National Retail Federation survey. And about half of those surveyed who own smart phones and 70% who own tablets will use their devices to research items and make purchases.
The Internet makes it easy to compare prices, shop quickly and avoid the crowds. But it can also put you at risk of becoming a victim of identity theft if you don’t take the proper precautions. Security expert Jon Heimerl says he doesn’t expect scammers to be out in greater numbers this year. However, he says more consumers may become victims simply because more people will be using the Web to do their holiday gift buying – especially those who aren’t accustomed to shopping online and aren’t aware of the risks.
So Heimerl suggests that you follow these do’s and don’ts of online shopping to protect your personal information and reduce your risk of becoming a victim of a scam or identity theft:
DO: Select your own seller. If you use a search engine to find out which online retailers might have an item you’re looking for, don’t click on any of the links on the search result page. As many as three results per page are poisoned results (that is, fraudulent sites that likely will misuse any personal information you enter), says Heimerl, who is director of strategic security for Solutionary. Instead, go directly to a retailer’s site or use a price-comparison site, such as Amazon.com or PriceGrabber.com. Even if you're using a site that you think is legitimate, look for a security label, such as VeriSign or Cybertrust, and for https:// in the URL on pages that prompt you to enter personal information.
DO: Shop at home. Never make purchases online using a public Wi-Fi connection. Hackers can tap into Wi-Fi connections at hot spots, such as coffee shops, airports and hotels, to capture your personal information. Also, never use a public computer to shop or check accounts online.
DO: Pay with plastic. Make sure you use a credit card when making purchases online. If a hacker steals your debit card information and uses it to make unauthorized purchases, you must report any misuse within two days of learning of the fraud to get the same $50 limited liability you would get with a credit card. Miss that deadline but report your loss within 60 days and your liability is limited to $500. After 60 days, your liability is unlimited. That said, if you've been a good customer, most banks will credit your account within a couple of days after you report the fraud.
DO: Check your credit-card bill. If you do a lot of shopping online, review your credit card accounts regularly to make sure there aren't any unauthorized purchases. Heimerl recommends that you print out your receipts or put e-mail receipts into a separate folder so that you can check your statements against your receipts. He uses only one of his credit cards for online purchases, so he was able to catch an unauthorized purchase quickly when another of his credit cards was used to buy something on the Web.
DO: Shop smart with your smart phone or tablet. These devices make it easy to shop on the go, redeem coupons and compare prices in stores. But you could be putting your personal information at risk if you aren’t careful. For example, before you download shopping applications, check what sort of access they want to your phone, Heimerl says. Opt for ones that require fewer permissions. For example, Heimerl says he avoids apps that want access to his contacts because he doesn’t want a third party calling them or flooding their phones with ads. And if you use your smart phone or tablet to shop online, click "no" when asked whether you want a site to remember your password. Otherwise, if anyone gets your phone, he’ll have easy access to your accounts.
DON’T: Fall for bogus bargains. If a Web site or individual offers a deal that's too good to be true, demands a direct transfer of funds and won't accept credit cards, it's probably a scam. This sort of offer often appears in unsolicited e-mails. Don’t ever click on a link in an unsolicited e-mail to go shopping, even if the e-mail looks as if it came from a legitimate retailer, Heimerl says. You’re safer going directly to a retailer’s site to see whether it’s having a sale rather than clicking on a link that could take you to a fraudulent site.
DON’T: Trust every deal you see on social-networking sites. Twitter and Facebook can be smart ways to stay on top of deals. But note that the URLs on Twitter (and sometimes Facebook) are often shortened, so you won't know whether you're landing on a legitimate retailer's site by clicking the link. One option is to use a deal notification you see on Twitter as a tip, then research the details on your own.
DON’T: Wire money to pay for an item. If you purchase an item from an online auction site, such as eBay, and the seller asks you to wire your payment, don’t do it. Heimerl says wiring money is inviting yourself to a fraud situation -- you have no way to get your money back if the item you purchase never arrives. Pay with a credit card so you can dispute the charges if you don’t get what you paid for.
DON’T: Assume an escrow service is always safe. If the seller is pushing you to use a particular escrow company to handle a transaction, be suspicious because it might be part of a scam. You can verify a company's legitimacy by checking with state regulators, or ask to use an escrow company of your choosing, such as Escrow.com.