Ten Tips for secure online shopping
This holiday season many Canadians wanting to avoid the hassle of visiting crowded shopping malls will look to the web as a quick and easy to purchase gifts for friends and loved ones.
Although the number of Canadians shopping online continues to grow, there are still many consumers who won’t shop online for fear they could be victims of identity theft.
The truth is that identity theft is a relatively rare occurrence and most identity theft occurs in using low tech off-line methods therefore most experts agree that shopping online is very safe provided consumers use some common sense when shopping online.
To help make shopping online more safe and secure, Digital Home presents the following Ten Tips for Secure online shopping:
- Only provide personal information if you’re on a secure Web site. Once you are logged in, make sure the Web address starts with “https”(”s” means it’s secure). For added safety, check for a site certificate before submitting information on a secure page. Confirm the owner of the certificate by clicking on the padlock icon at the bottom of most browsers. You should see the owner listed as well as the site address. This address should match the Web site address at the top of the page; if they do not match, you may be at a fraudulent Web site and should not enter personal data.
- Never respond to emails asking you to “confirm” recent transactions after you shop. These likely are “phishing” scams sent to lure private information from you.
- Maintain a paper trail. Print and save records of your online transactions, including the product description and price, the online confirmation/receipt, and copies of any email(s) you exchange with the seller.
- Do not share your passwords with anyone and never provide your social insurance number, birth date, or mother’s maiden name in an email.
- Make sure all of your security software is up-to-date before you do your online shopping. That includes anti-virus software, anti-spyware, and firewalls.
- Check a company’s privacy policy before doing business with it. A company should allow you to know what personal information its Web site is collecting, why and how it will be used. If you can’t find a privacy policy — or if you can’t understand it — consider taking your business to another site that’s more security-conscious and accommodating to customers.
- Consider using a separate email account for your online shopping. You can set up a free email account online through several different services.
- Check your bank and visa accounts regularly for any activity you did not initiate. This is especially needed during the busy holiday shopping season. You should be able to log on quickly and check to see if there is any unusual activity in your bank or credit card account that you did not initiate. If there is, contact your bank immediately.
- Do business with companies you know and trust. Research a company before revealing personal or financial information online. Confirm an online seller’s physical address and phone number in case you need to get in touch with them. If you get an email or pop-up message from the seller while you’re browsing that asks for financial information, don’t reply or click on the link in the message. Legitimate companies don’t ask for this information via email or pop-ups.
- Watch out for fake “look-alike” sites. Some con artists disguise their Web site as a well-known company’s site. Check your browser’s address bar to make sure you’re always using the correct Web site address. If the Web site seems suspicious, leave it immediately and call the company.
Finally and perhaps the most important piece of common sense when shopping online is one that is true when shopping offline – If it sounds too good to be true, then it probably is not true!
Or use a much more secure OS-LINUX for your banking and online purchases. You don’t need to give up MS Windows. Just down load Linux onto a boot able DVD. Use the Linux OS software only on financial transactions and banking. Then REMOVE the Linux DVD for completely secure computing, and back to your Windows. In this way all your computer transactions are completely isolated through Linux and then removed from your computer.
Excellent advice all-round, and I would like to add some additional tips and time-saving tricks that I regularly shout out to friends, family and customers.
1. Maintaining a paper-trail is as easy as printing the receipt to PDF and/or saving the confirmation-receipt email in an in-box folder named “shopping”.
2. Is your browser updated – if not you do not have the latest in security updates and that equates to vulnerability.
3. Check the company’s online inventory policy. Some ecommerce sites (especially the gift basket/food sites) swap out items you have ordered. This is not evident at check out. So a quick call to a human CSR might be in order. “am I getting what I purchased?” fair question.
4. Separate email, most larger carriers allow you 5-7 emails at home now. Create one just for shopping – even safer than web-based email.
5. Separate credit card with lower limit that has heavy security flag on it.
6. Fake is phishing … proceed with caution. If your kids are helping /Great/ but show them how to determine a site is secure. Security seals place on the site is not enough. The https and reviewing the url for proper spelling but even easier is to just notice the bright green url bar distinguishing extended validation SSL (the highest form of encryption.)
7. It is not uncommon for most people to subscribe to tech-news during the holiday. That way when you open your email you will be alerted of any recent attacks on the web. You might even want to do that all year round.
Happy Holidays from VeriSign employee