Safeguarding your sensitive information while online is important as the holidays approach.
Shopping online entails transmitting personal and financial data. Americans did $63.1 billion worth of shopping online from desktop computers during the 2016 holiday season. That was a 12 percent increase from the prior year, according to analytics company comScore.
So to help you prepare for this holiday shopping season, we’re rounded up key tips for protecting your wallet and identity online.
1. Check your anti-virus software
Before you do anything online, make sure you have anti-virus software installed that is up to date.
A variety of free programs are available. PC Magazine recently rated 10 that it considers the best of 2017.
You may also be able to download paid anti-virus software for free via your internet service provider. Check with your ISP to find out.
Once anti-virus software is installed on your computer, consider configuring the settings so that the program will scan your computer and keep itself updated automatically rather than manually.
To learn more anti-virus basics, check out the “Understanding Anti-Virus Software” page on the website of the U.S. Computer Emergency Readiness Team, or US-CERT, a division of the Department of Homeland Security.
2. Avoid public Wi-Fi networks
Public Wi-Fi connections — like those at businesses ranging from coffee shops to hotels — are generally less secure than private connections.
Among other risks, that means someone else can intercept personal or financial information you enter while shopping online over a public Wi-Fi network. As the nonprofit Identity Theft Resource Center puts it:
“… even as connection speeds and availability reach practically everywhere we go, one thing about public [Wi-Fi] hasn’t changed: the potential for hacking, data breaches and identity theft.”
3. Look for “https”
Before transmitting any information to a website — whether you’re on the login page or the payment page — check the address to be sure it begins with “https,” as opposed to “http.”
That “S” stands for “secure.” It indicates that a website is secured by SSL, which the cybersecurity software company Symantec describes in layman’s terms as “the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing criminals from reading and modifying any information transferred, including potential personal details.”
“[SSL] uses encryption algorithms to scramble data in transit, preventing hackers from reading it as it is sent over the connection. This information could be anything sensitive or personal which can include credit card numbers and other financial information, names and addresses.”
4. Check website safety ratings
Cybersecurity software companies and other organizations provide free online tools that rate websites based on their security. Examples of these tools include:
- Norton’s Safe Web (Note the “Ecommerce Safety Information” section when looking up shopping sites.)
- AVG’s Threat Labs
- Trend Micro’s Site Safety Center
To use these tools, simply enter the address of a website you want to check.
5. Choose passwords wisely
Each month, it seems that another major company’s website is hacked. With that in mind, it’s more important than ever to avoid reusing the same password on multiple websites.
Think of it this way: The more websites for which you use the same password, the more of your accounts a hacker can access if your password for any one of those websites is compromised.
Here are a few password best practices from the US-CERT:
- Don’t use passwords based on personal information that can be easily accessed or guessed.
- Use a combination of capital and lowercase letters, numbers and special characters.
- Don’t use words that can be found in any dictionary of any language.
- Develop mnemonics such as passphrases for remembering complex passwords.
To learn more about the growing trend of passphrases, check out “Should You Replace Your Passwords With Passphrases?”
6. Use two-factor identification
Enable a cybersecurity feature known as “two-factor” or “two-step” identification — or two-factor or two-step authentication — on your accounts for all websites that offer it.
As a result, you — and potential cybercrooks — will need more than one password to access any online accounts for which you’ve enabled the feature.
Specifically, after you enter your standing password when logging into a website, you’ll be asked to enter a one-time string of characters that’s sent to your phone. It is often sent via text message or special app.
Two-factor identification is available for a variety of email, retail and financial websites, among other types. To learn more, check out “A Free and Easy Way to Shop the Web More Securely.”
7. Pay with a credit card
Credit card transactions are protected under the Fair Credit Billing Act.
This federal law provides you certain consumer protections, like the ability to dispute billing errors and to withhold payment while your creditor investigates the disputed charges.
Perhaps more importantly, the law generally limits your responsibility for unauthorized credit card charges to $50.
To learn more, check out the U.S. Federal Trade Commission’s “Disputing Credit Card Charges” page.
What’s your best tip for safe e-shopping? Let us know by commenting below or over on our Facebook page.