Online commerce is expected to hit 8 trillion dollars in sales by 2026, but data breaches of retailers have already compromised hundreds of millions of records. One in ten Americans have already lost money to cybercrime, and according to the FTC, “Online shopping issues were the second most commonly reported in the fraud category,” contributing to Americans losing $12.5 billion to fraud in 2024.
While this paints a grim picture for online retailers and shoppers, the good news is that you can reduce risk and still enjoy shopping online with advice from Safe Computing.
Avoid the costs of a retailer hack.
Online retailers are a prime target for hackers. Even reputable vendors like Cartier and North Face have lost data in recent cyber attacks. When a retailer is hacked, it can expose any data you shared while making a purchase, such as your name, address, and even payment information. Protect yourself by:
- Enabling Multi-Factor Authentication (MFA), especially on banking or other critical accounts. MFA makes it more difficult for hackers to gain access to your account even if they steal your login and password.
- Setting a secure password and never reusing passwords from site to site, so that if one account is compromised, others may remain safe. Remember to never reuse your U-M password on other sites! The hackers who attacked North Face exploited reused passwords from another data breach.
- Installing a password manager to organize all those unique passwords. Good password managers can create, save, and rate the strength of your passwords.
- Providing retailers only with the information required to make a purchase. The less you share, the less can be stolen by hackers.
- Declining offers to save your payment information on websites. Consider using digital wallet services, like Apple Wallet and Google Wallet, or a virtual credit card service.
Beware of fake stores and reviews.
Fraudulent retailers, insecure websites, and fake reviews are a constant danger while shopping online. Learn how to spot a fake shopping site, and protect yourself by taking these steps:
- Keep your web browser up-to-date. An updated browser helps secure your shopping connection and alerts you when you are being redirected to an unsecure site. Pay attention to warnings your browser gives you.
- Check that website URLs start with https – a sign that the website is encrypting your data to enhance security.
- Use trusted consumer ratings sites or check out reviews in reputable publications. Vendors can fake their own reviews or have others provide inflated ratings for their site and products.
- Use credit cards instead of debit cards to take advantage of easier dispute resolution and limited liability that is mandated by federal law.
Secure connections to protect your shopping.
It’s tempting to hop on an airport or coffee shop WiFi to sneak in some shopping or complete your holiday gifting, but public WiFi, by its nature, is insecure. The same convenience it provides you is also given to anyone looking to steal your data, especially since it’s unlikely to encrypt your connection.
Just like you wouldn’t stand in a store and shout out your banking or credit card information, you shouldn’t send them over public wireless. Consider these these options for securing your connection:
- Choose a secure wireless option if possible, or consider using your cell phone hotspot, which is more secure than public wireless.
- If you’re stuck needing to use public WiFi in a store, restaurant, or hotel, protect yourself with Safe Computing’s Security Tips for Using Public WiFi, in particular, take advantage of a VPN to secure your connection.
Offers that seem too good to be true usually are.
Promotional emails with time-sensitive deals can be tempting, but beware of unusually low prices, urgent sales that rush your decision, and any pushy sales tactics. Some offers may appear to be coming from reputable retailers when they are, in fact, fake shopping sites designed to steal your data and money.
Protect yourself by being skeptical of outrageous offers, and:
- Navigating to a vendor’s site instead of following links or popups, especially ones in social media and unsolicited email.
- Learning how to spot phishing and scams. The same tactics scammers use in phishing apply to fake shopping email, pop-ups, and scam sites.
- Never installing software downloads offered during online shopping. One of the most common threats of fake shopping sites are malware and adware they try to trick you into downloading.
- Only downloading vendor apps through the official app store for your device. App stores regularly scrutinize software.
Happy secure shopping from Safe Computing!
A little preparation and attention to detail can help you avoid or limit risks associated with shopping online. Visit Protect Your Online Shopping for a summary of online shopping tips, and consider checking out other Safe Computing guidance while you’re there. Happy shopping!
