'Tis the Season to Protect Your Identity: Online Shopping Security (Part 1)

This is part one of our holiday shopping security series

It's the time of year when people start making both online and in-store purchases for their loved ones. When holiday deals appear, most people enjoy indulging the spirit of giving. Unfortunately, many identity thieves and cybercriminals don't feel the same spirit and often target holiday shoppers.

Director of Insights at Branded Research, Kristen Miles, explained that "women are slightly more likely than men to say that identity theft protection and cybersecurity are very important to them when online holiday shopping. And older consumers over the age of 45 are more likely than consumers under the age of 44 to say that identity theft protection and cybersecurity are important to them when online holiday shopping."  

The real tragedy is that there are still many holiday shoppers who fail to take the precautions to keep their identities safe, which, unfortunately, makes them easy targets. You may be pleased with how much you save on holiday gifts, but you may not even realize just how much you've sacrificed when it comes to personal security.

Although online shopping may be safer this year in regards to your health, it could be riskier for your identity and personal information. 

As our gift to you, we worked with a few identity theft and cybersecurity experts and created a list of security tips that can help you stay safe online this holiday shopping season.  

We’ll discuss the following: 

• What to do before you shop
• What to do while you shop online
• What to do after you shop online

It’s no surprise that the world continues to gravitate online for holiday shopping, especially during these pandemic-ridden times.

Below are a few preparatory steps you should take before you start your online shopping adventure this holiday season. 

Make sure your devices are secure 

When you’re gearing up for your online shopping session, it’s important that you make sure to 
secure your computer and mobile devices.  

Dr. William Rials, an Associate Director and Professor of Applied Computing and Technology at Tulane University School of Professional Advancement explains that “using an unpatched computer to shop online is an easy way for cyber criminals to exploit your information.” 

Rials also strongly advises “to keep the operating system, software, and apps updated and patched on all of your computers and mobile devices that you use with retailers.” 

When it comes to additional protection, Rials suggests that you purchase and use up-to-date antivirus software. Although you might not like the idea of buying extra protective software, it can act as a strong defensive system against innumerable cyber criminals who prey on holiday shoppers. 

Do not use public Wi-Fi or computers 

If you are thinking about making your online holiday purchases while using public Wi-Fi or a public computer, you might want to think again. 

Rials warns to “not use public computers or public wireless internet access for your online shopping.” He explains that “public computers and public wireless networks are not safe (because) they may contain malware and viruses.” 

When it comes to making financial purchases online, using your own personal devices and making sure your Wi-Fi connection is secure can make all the difference in your fight against identity theft, scams, and online fraud. 

Determine your payment method 

It’s important that you determine which payment method you will use before you start buying fun holiday gifts and trinkets online. 

Why? It’s an added security step. A data breach can occur regardless of what website you use. Basically, the payment method you choose for your online holiday shopping could help prevent your financial information from being compromised and misused.

Rials advises consumers to use a credit card instead of a debit card when making purchases online. He says “your safety is increased when you shop online and in-store by using a credit card rather than a debit card.” 

He explains that “debit cards do not have the same consumer protections as credit cards. Credit cards are protected by the Fair Credit Billing Act and may limit your liability if your information was stolen or misused.” 

If you are planning on using the credit card payment method, you may want to consider using one credit card for all of your purchases. After all, if that one credit card gets compromised, it will be easier to spot on one credit card statement and easier to handle, since it won’t affect all of your other accounts. 

If you don’t have a credit card or don’t want to use a credit card to make online holiday purchases, there are some other options out there. 

Doug Brennan, manager of the Digital Addicts blog, a publication that focuses on technology and security, advises consumers to consider using a third-party payment service instead of using traditional payment methods. 

He says that “many popular online stores allow you to pay via Paypal or Apple Pay, both of which are great alternatives to entering your credit card information. And with all the data breaches that have happened over the past few years, you can never be too safe with your sensitive information."

Learn about scams and trends

"Online holiday shoppers have to be more careful than ever to protect themselves from cyber attacks. Shoppers must be wary of unusual requests for payment when shopping during the holidays,” explains Tom Kelly, President and CEO of ID Experts, a well-known consumer privacy platform.

Countless scams can occur online from sale scams to fraudulent websites, and more new scams keep popping up. It can be difficult to keep track of scams, but not impossible. To stay up-to-date on the latest scams, you can utilize news sites, check the social media updates from well-known scam and identity theft experts, and visit resource websites like the Identity Theft Resource Center. 

Kelly warns that “Black Friday and Cyber Monday scams often try to lure shoppers to look-alike retail websites and then trick them into entering private information or downloading malware onto their computer.” 

Clearly, it’s important that you know what scams are out there and that you know what to do to make sure the websites you want to shop from are safe. Check out the next step to see how you can identify the legitimacy of a website before it’s too late. 

Check website legitimacy 

When online shopping, it can be easy to be catfished by websites, especially if you don’t know what to look for. 

Victor Congionti, CEO of Proven Data, a global IT services company says that it’s important to "...always be on the lookout for fraudulent websites that are designed to imitate a major retailer website.” 

He explains that “these counterfeit websites are created by bad actors and hackers to trick people into 'shopping' on their website. Digital thieves then use your login credentials or credit card information to make other purchases or compromise your identity further.” 

So, what can online shoppers like you do to make sure the website you are shopping on is legitimate? 

Congionti suggests following these steps: 

• Check the URL on the website page to see if it has an official security tag (HTTPS). An HTTPS tag is a sign that the website uses high-grade encryption.
• Check the details on the website. Focus on the images, logos, language, and text. If something seems off, do not use that website. 

In addition to Cognionti’s steps, you can also try looking at the company’s social media presence and read reviews to verify legitimacy. 

Steve Weisman, Scam and Identity Theft Expert, suggests that you use websites that you are familiar with, especially if you are making large purchases. After all, using websites that you have used more than once in the past may not eliminate the chance of scams or fraud, but it can reduce your risk of falling victim to a fake website scam. 

He adds that you shouldn’t “trust a website to be legitimate merely because it turns up high in a search engine search. Sophisticated scammers are adept at manipulating the algorithms used by search engines to rank websites to place their phony websites high in a search engine search."

Now that you know what steps to take to prep yourself for online shopping, it’s time to know what to do as you look for the perfect gift. 

Below are a few steps you should take while you shop online this holiday season. 

Avoid clicking on Pop-Ups 

If you’ve ever shopped online, you probably have noticed that many websites have advertisement pop-up windows that catch your attention. 

Although they may look harmless, some pop-ups are scam-driven which is why Rials advises to not click on pop-ups, even if they are advertising attractive holiday sales. 

He explains “when a window pops up promising you cash or gift cards for answering a question or taking a survey or even offering a great deal, these could be social engineering attempts designed to convince you to open malware or click on a malicious link.” 

He adds that “often, it is challenging to close these windows with your mouse because criminals will disguise the close button 'X'  to appear normal, but it is actually a malicious link containing malware software code with nefarious intent.” 

Avoid using auto-save options 

Auto-saving passwords and other personal information can be tempting, especially if you know you’re going to return to a website more than a few times. Unfortunately, auto-saving can be risky. 

Rials explains that “the convenience of not having to reenter the information is insignificant compared to the significant amount of time you’ll spend trying to repair the loss of your stolen personal information.” 

It may be a pain to manually enter your information every time you want to make an online purchase, but it might save you plenty of headache and frustration down the road. 

When it comes to passwords, you can consider using a secure password management service like Lastpass. Generally, password managers are more secure than auto-save options. Even if you do use a password manager, you should still create strong passwords. Password managers may be more secure than auto-save options, but creating strong passwords and password habits adds an extra layer of security. 

Use strong passwords 

To create strong passwords, Rials says to follow these steps:

• Always use more than 10 total characters
• Use upper case letters, lower case letters, numbers, and special characters
• Establish a strong password for each online shopping account
• Use a password manager like LastPass, Dashlane, KeePass, 1Password, KeePass, EnPass, or others

He emphasizes to “avoid the temptation of using the same password at every online store. It may be convenient, but your online safety vastly increases when you use a separate and unique password for each account.” 

Rials explains that “if one online store experiences a cybersecurity breach in which your password is compromised, using the same password between accounts from different online stores makes it quick and easy for criminals to exploit you and your information.

Echoing Rials, like auto-save options, reusing your password might be more convenient, but it can lead to a long line of security issues and complications. 

Read also: Family Security Audit: How to Secure Your Passwords and 10 Expert Tips to Help You with Password Management

As you finish making your online purchases, it’s important to remember that all of the steps listed above cannot guarantee the protection of your identity and personal information online. 

Listed below are a few steps you can take that can help you stay on top of your online security after you finish your holiday shopping. 

Save receipts and vendor emails 

Many online websites send receipts and email updates once a purchase has been made. It’s important to keep these emails and receipts in case of the event that the website you purchased from is involved in fraudulent activity that affects you later on. 

Keeping a record of the receipt and emails can help with an investigation if a scam or fraud situation occurs. So, before you clear out your inbox, you may want to think twice about deleting emails from your latest online shopping spree. 

Check your credit card statements

If you used a credit card to pay for your online purchases, it’s important that you keep a close eye on your credit card statements after you use the card. 

When you regularly check your credit card statements, you’ll be able to see if there are any purchases that show up that you know you didn’t make. 

Jonathan Gossels, President of SystemExperts™ Corporation, an IT compliance and cybersecurity consulting services provider, agrees with Rials’ earlier statement that using one credit card can make it “much easier to recognize any fraudulent charges”. 

He explains that using one credit card makes things less complicated because you only have to check the credit card statement for the one card you used. 

Be ready to report theft 

If you do start noticing that your information has been stolen, it’s important that you take action and report the theft immediately. 

If the theft involves your credit card, make sure to also contact your credit card provider and let them know. Additionally, you may want to consider adding a credit/security freeze to your credit report.

Additional Protection 

When it comes to identity theft, you can never be too careful. Shopping online is risky, especially if you aren’t aware of common online scams and other threats. 

Although following the steps above can help you avoid becoming a victim, they can’t guarantee your safety. That’s why it can be a good idea to hire a professional identity theft protection service like Complete ID or IdentityIQ. 

Although identity theft protection services may cost you some money each month, the security you can receive from these services can save you from a massive headache of a situation as well as hundreds to thousands of dollars.