Take extra precautions when shopping online
With the holiday season upon us, a lot of people will be shopping online this year. For the most part, it’s pretty safe but there are some basic precautions worth remembering.
One risk when shopping online is to be sure you’re dealing with a legitimate merchant who is not only honest but also exercising a reasonable amount of security. One option is dealing with merchants you know. But that’s no guarantee when it comes to security.
Big names like Macy’s, Amazon, Target and Walmart have reputations to maintain and policies in place, but as millions of people who shopped at Target’s brick-and-mortar stores in 2013 learned, being big doesn’t mean they can’t suffer from data breaches. Amazon, just last week, sent some customers an email admitting “your password may have been improperly stored on your device or transmitted to Amazon in a way that could potentially expose it to a third party.”
Don’t necessarily shy away from smaller and less-known merchants, who sometimes offer extraordinary customer service and unique products. Plus, you’re supporting small businesses. But if you are dealing with a business you’ve never heard of, do a little research by typing their name into a search engine or customer review site to see what people are saying about them. If they have a phone number listed, give them a call. A phone conversation gives you a lot more clues than a website.
Regardless of the size of the business, use a credit card if possible or, if not, use a debit card, PayPal or some other payment service that offers fraud protection. Credit cards are best because if you do dispute a charge, the card issuer will remove it from the bill while it is being investigated. With other payment forms, you may be out-of-pocket immediately until the issue is resolved in your favor.
Be sure you’re on the legitimate website or using the official app of whatever merchant you’re patronizing. If you get an offer via email (or perhaps a “security warning”) don’t click on the link, but navigate directly on their site to make sure you’re not being victimized by a “phishing scam” directing you to a rogue site. Be very careful of sites with misspellings of legitimate merchant names.
Unique, long and hard to guess passwords are your biggest protection. The longer the password the better and it should not be a name or a word in the dictionary. One trick is to think of a long phrase that’s easy to remember like I met Sally Jones at Lincoln High School in 1985. Your Yahoo password could be the first letter of each word, upper case when appropriate with a symbol and numbers plus a reminder of what site it is like ImSJaLHSi!85YH. The YH at the end stands for Yahoo. Use different letters for each site that you’ll remember and change the password every six months or so or if you have any reason to believe it may have been compromised.
An even more secure method is to use dual or multi-factor authentication. Many sites, banks and merchants offer an option that allows you to require that you verify your identity with your cellphone whenever you log in from a new device. After you type in your username and password, you’re typically sent a text message with a short code that you have to enter to access the site. It’s slightly inconvenient but adds a big level of extra security and — in most cases — is only necessary when you’re using a new device to log in. This feature is also available for most Web-based email services, which is important because email is often used as a way of recovering passwords.
Also be certain the site has SSL (secure sockets layer) installed. You can tell by the presence of https (the S stands for secure) in the address bar. You may also see a lock icon in the lower right corner of your browser. SSL sites encrypt your data. It’s not a 100 percent guarantee, but it does add an extra layer of security.
Make sure you know the company’s return policy and pay attention to the final price, including shipping and tax. Shipping and handling charges can vary widely.
As always, keep your operating system and any browsers or apps you use up to date. That’s helps protect you against known security flaws that have been fixed.
There are also dangers associated with brick-andmortar shopping. Check your credit card statements online frequently to protect against fraudulent charges and data breaches against merchants and banks. When shopping in person, watch out for pickpockets, drive and park carefully and try to relax and smile at the clerks and your fellow shoppers. In today’s hyper-connected world, someone’s “Gonna find out who’s naughty or nice.”