(USA Today) Love online shopping? You're not alone.
The National Retail Federation predicts online retail will grow 8-12% in 2017, up to three times higher than the growth rate of total retail sales.
Clearly, many enjoy the benefits of online shopping. You don’t have to fight traffic to drive to the mall and circle the parking lot. Online stores are open 24/7, and you can wear your pajamas. It’s easy to compare prices between multiple retailers and read both customer and professional reviews of products before you buy. Product selection is vast, to say the least, including many stores and unique items sold outside of the country. And, hey, products are shipped right to your door (and with Amazon Key, even dropped inside your door, too).
But to shop online safely, and protect your personal identity from malicious types, take heed of these online shopping safety tips, ahead of next month’s Black Friday and Cyber Monday.
Look for the padlock
Always use a secure Internet connection when making a purchase. Reputable websites use technologies such as SSL (Secure Socket Layer) that encrypt data during transmission.
What does that mean to you?
Look for the little padlock in the address bar or a URL that starts with “https” instead of “http,” as the “s” stands for “secure.” Some browsers will tell you it’s safe to give out your credit card by showing you a green address bar, while unprotected ones will be highlighted in red.
Use a secure payment method
Only shop on sites that take secure payment methods, such as credit cards and PayPal, as they likely give you buyer protection just in case there’s a dispute.
In other words, you won’t be held liable for fraudulent charges. Even before it gets to that, you might be notified by your credit card company or bank if suspicious activity is detected.
It’s always a good idea to review your account transactions online or go through monthly paper statements to see if anything looks questionable.
Beware of sites and apps that only accept money orders, wire transfers, or checks.
Look for well-known security labels such as DigiCert, VeriSign, and other seals.
A strong password is at least seven characters long, has a combination of letters, numbers and symbols, and with some uppercase characters, too. Change passwords routinely. Or use password management apps if you’re worried you won’t remember the password.
Many opt for a passphrase instead of a password, which is typically a long sequence of strung-together words, but perhaps with a number and symbol in there, too. For example, the sentence “My dog Eddie has a birthday May 15!” could be used to create a passphrase like “Md3habM15!”
It's good to reset your shopping passwords every so often, just in case someone guesses them, or if there’s a data breach at an online retailer. And never use the same password for all online shopping sites (or other Web activities, like online banking), as once someone guesses one password, they’ll have free reign over everything else.
Do your homework, don’t be naive
When on marketplaces like eBay, check the seller’s reputation and read comments before buying a product to see what the experience was like for past customers. You can always ask a question of a seller and reputable ones will reply in a timely manner. Also, read the item description carefully before you buy, including where the seller is located, shipping charges, if the product is new or used, refund and return policies, and payment methods accepted.
Also, don't forget about the No. 1 tip about shopping: If it seems too good to be true, it probably is. Avoid unbelievably hot “deals” from unknown merchants, such as someone selling an iPhone 8 for $200.
Ignore emails or texts that claim to be from a retailer (or your bank or Internet Service Provider). These “phishing” attempts look legit, but it they ask you to confirm your financial or personal details on a website, they’re fake. They’re trying to lure you to click a link in the email, which takes you to an authentic-looking website, and fool you into typing in information.
Watch out for fake shopping apps
As we saw last year, hundreds of phony retail apps popped up in Apple’s App Store and Google Play (for Android devices), in the hopes of tricking shoppers into downloading and using them.
Similar to “phishing” emails that look like they’re from legitimate stores, these counterfeit apps — complete with an authentic-looking logo and marketing messaging — want your credit card information to steal your identity. Some have been found to contain “malware” (malicious software) that can also infect a mobile device, while others ask you to log in with Facebook credentials to lift personal data.
Be sure you’re downloading the legitimate app by getting it from the company’s official website or, if downloading from an app store directly, check to see it’s been around for a few years and has high ratings from many users. Never be the first to download a new shopping app.
If you’re interacting with brands on social media, make sure they’re “verified,” with the little blue checkmark by their profile, which means the company is legit.
Avoid shopping on hotspots
Try not to do any online shopping when you're using a public computer (such as in an airport lounge) or when you're using a public Wi-Fi network (say, at your favorite coffee shop or in a hotel lobby). You never know if your information is being tracked and logged — so it's best to wait until you get home. Or use your smartphone as a personal hotspot, which is safer than free Wi-Fi.
Another tip is to use gift cards, like many retailers offer, as a smart way to shop without providing any financial information.
On a related note, keep your devices up to date by turning on “automatic updates.” This includes your web browser and third-party add-ons, which could warn you if you land on suspicious websites.
Always have good anti-malware (“anti-malicious software”) installed to catch threats like viruses.
Follow Marc on Twitter: @marc_saltzman. E-mail him at email@example.com.