Many of us have traded in-person browsing for the great wide world of online shopping throughout the coronavirus pandemic. Although online shopping has its obvious conveniences and an endless array of potential purchases, it can also make you more susceptible to scams and phishing.

We know you love shopping as much as we do, so we talked to Russell Moore*, a certified information security professional at Computex Technology Solutions in Houston, to learn the best safety measures to practice while you shop online for your favorite deals.

Be creative with your password.

Do not use the same password for every site that you shop, and do not choose obvious passwords such as your birth month or your dog's name, Moore says. Make sure the characters are at least seven letters long and include a symbol. “Sometimes it’s good to use a phrase and apply some randomness to that,” he says.

To keep up with various passwords, use a password vault like LastPass.

Have a designated credit card as you shop.

Having a credit card with a limited credit line strictly for online shopping will allow you to keep track of transactions in an organized fashion while protecting your primary bank from potential breaches or fraud. “If somebody does compromise that account and you wake up and suddenly a lot of your funds are missing from your account,” Moore says, “that's always a stressor versus somebody just exploiting a credit card that has a limited credit line on it.”

Be cautious of advertisements.

As much as we all love a great deal, advertisements have become a prolific force as people shop online. Although most of the ads are credible, be wary of deals that appear too good to be true.

Verify social media postings.

“You cannot get on Facebook or Instagram today without an ad trying to sell you something,” Moore says. You should always visit the company's formal website—not the ad—and shop directly from there. Also, verify the company’s location (Is it coming from another country?) to be aware of the shipping rates and customer service challenges, if any.

Use well-established brands and websites.

While using these sites, follow basic security guidelines such as ensuring data anti-malware is up to date. Phishers can fake a website, Moore says, so to make sure the site you think you’re shopping on is actually the site you’re on, look for the lock symbol next to the url in the browser. Click on it, and verify the site details match with the company.

Consider checking out as a guest.

When dealing with local merchants or vendors, consider checking out as a guest to avoid giving additional information. Doing so allows you to shop freely and securely. If you create an account, Moore says, then that website will start to remember you. “It will create data elements around your history, and they end up selling that information to beta harvesters and marketing companies.” 

Pay attention to your email.

Be wary of potential phishing emails that tell you your account has been temporarily suspended. This is could be a ploy to get your login credentials or payment information, Moore says. If you receive an email from companies such as Amazon or PayPal, never click on the link in the email. Instead, any security changes should be made directly from the site. 

Monitor your credit score and report.

Take advantage of free resources such as CreditKarma, which offers free services to monitor your credit. Doing so helps to filter out bad actors that are attempting to open credit accounts or breach information.

Give a prepaid debit card to your kids.

If your kids love shopping just as much as you, try a prepaid debit card with a fixed amount of money to control the amount they purchase while also lowering the risk of liabilities.

Additionally, set up parental controls on in-app shopping. The biggest thing, Moore says, “is if you allow your kids to shop on sites like Amazon, which is probably going to be where most people online shop, just make sure you have controls in places they are spending on so they can’t randomly go crazy.”

*Correction: The source's name has been corrected. 

Filed under
Show Comments