7 Ways to Guard Your Wallet and Identity When Shopping Online
Safeguarding your sensitive information while online is crucial as the holidays approach. Here are seven tips to help. Safeguarding your sensitive information while online is as important as the holiday’s approach. Shopping online entails transmitting personal and financial data. Americans did $69.1 billion worth of shopping online during the 2015 holiday season. That was a 13 percent increase from the prior year, according to analytics company comScore.
So to help you prepare for this holiday shopping season, we’re rounded up key tips for protecting your wallet and identity online.
Check your anti-virus software
Before you do anything online, make sure you have anti-virus software installed and that it’s up to date. A variety of free programs are available. PC Magazine recently rated 10 that it considers the best of 2016. You may also be able to download paid anti-virus software for free via your internet service provider. For example, Comcast’s Xfinity offers subscribers programs like Norton Security Suite, a $160 value, for free. AT&T offers certain subscribers its Internet Security Suite by McAfee for free.
Once anti-virus software is installed on your computer, consider configuring the settings so that the program will scan your computer and keep itself updated automatically rather than manually. To learn more anti-virus basics, check out the “Understanding Anti-Virus Software” page on the website of the U.S. Computer Emergency Readiness Team, or US-CERT, a division of the Department of Homeland Security.
Avoid public Wi-Fi networks
Public Wi-Fi connections, like those at businesses ranging from coffee shops to hotels, are generally less secure than private connections. That means that, among other risks, someone else could intercept personal or financial information that you enter while shopping online over a public Wi-Fi network. As the nonprofit Identity Theft Resource Center puts it:
“… even as connection speeds and availability reach practically everywhere we go, one thing about public [Wi-Fi] hasn’t changed: the potential for hacking, data breaches and identity theft.”
Look for ‘https’
Before transmitting any information to a website, whether you’re on the login page or the payment page, check the address to be sure it begins with “https” — as opposed to “HTTP.”
That “S” stands for “Secure.” It indicates that a website is secured by SSL, which the cybersecurity software company Symantec describes in layman’s terms as “the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing criminals from reading and modifying any information transferred…”
“[SSL] uses encryption algorithms to scramble data in transit, preventing hackers from reading it as it is sent over the connection. This information could be anything sensitive or personal which can include credit card numbers and other financial information, names and addresses.”
Check website safety ratings
Some organizations, like cybersecurity software companies, provide free online tools that rate websites based on their security.
Examples of these tools include:
- Norton’s Safe Web (Note the “E-commerce Safety Information” section when looking up shopping sites.)
- AVG’s Threat Labs
- Trend Micro’s Site Safety Center
To use these tools, you simply enter the address of a website you want to check.
Choose passwords wisely
It seems that another major company’s website is hacked every month. With that in mind, it’s more important than ever that you don’t reuse the same password on multiple websites.
Think of it this way: The more websites for which you use the same password, the more of your accounts a hacker can access if your password for any one of those websites is compromised.
Here are a few password best practices from the US-CERT:
- Don’t use passwords that are based on personal information that can be easily accessed or guessed.
- Use a combination of capital and lowercase letters, numbers and special characters.
- Don’t use words that can be found in any dictionary of any language.
- Develop mnemonics such as passphrases for remembering complex passwords.
To learn more about the growing trend of passphrases, check out “Should You Replace Your Passwords With Passphrases?”
Use two-factor identification
Enable a cybersecurity feature known as two-factor or two-step identification — or two-factor or two-step authentication — on your accounts for all websites that offer it. As a result, you — and potential cybercrooks — will need more than one password to access any online accounts for which you’ve enabled the feature.
Specifically, after you enter your standing password when logging into a website, you’ll be asked for a one-time string of characters sent to your phone. It is often sent via text message or a special app. Two-factor identification is available for a variety of email, retail and financial websites, among other types. To learn more, check out “A Free and Easy Way to Shop the Web More Securely.”
Pay with a credit card
Credit card transactions are protected under the Fair Credit Billing Act.
This federal law provides you certain consumer protections, like the ability to dispute billing errors and to withhold payment while your creditor investigates the disputed charges.
Perhaps more importantly, the law generally limits your responsibility for unauthorized credit card charges to $50. To learn more, check out the U.S. Federal Trade Commission’s “Disputing Credit Card Charges” page.