Skip to main content

A guide to shopping safely online

Shopping online is so much more pleasant than going out to the high street. You don't have to change out of your pyjamas, or struggle through traffic, and you don't have to wrangle with other shoppers at the sale table. Be careful, though, or you might become a commodity for sale. Here are some tips to keep your online shopping worry-free.

Don't get lazy

Many shopping sites invite you to set up an account so you won't have to re-enter your payment information next time. It does seem convenient, but you're much better off filling in the details each time. Otherwise, if your shopping site gets hacked, the bad guys will have all your personal details – and maybe even your credit card number. You might expect the merchant would encrypt this sensitive data, or at least the credit card numbers. You might be wrong.

Clearly you have to give the merchant your address, otherwise they won't know where to send the merchandise – but do leave any non-required fields blank. And if the order form asks for too much in the way of personal information like your bank account number, navigate away immediately. There's no reason an honest e-tailer would need that information. While you're at it, opt out of all communication other than what's necessary to track and complete your order.

Skip email scams

I get email alerts from a number of online merchants about new items and new sales. Even for these expected alerts, I never click a link in the message. Rather, I navigate to the merchant's website and view the new items there.

Email is intrinsically insecure. A fraudster can fake a message that looks totally valid but directs you to a fake ecommerce site. They're not going to ship you anything that you "buy" on the fake site. Worse still, you've given them your credit card number along with your address and other personal information. Just get out of the habit of clicking links in email.

Don't get phished

A phishing site mimics a legitimate shopping or ecommerce site, but when you log in you've given your credentials away to the scam's perpetrator. If you refrain from clicking links in email messages you can avoid most phishing scams, though you may occasionally find a fraudster "typo-squatting" on a domain name that's just a little off, like for

For added protection, enable phishing protection in your browser, and use your security software’s built-in anti-phishing measures. These days, many security programs have their own plug-ins for browsers, which provide big green ticks on search results to show web pages are safe, or big red warning signs for dodgy ones.

Keep your virtual cash safe

When making a credit card purchase in person, there's no way you'll accidentally order one dozen gizmos when you only wanted one. You'll notice, the merchant will notice, problem solved. There's no such safety net online, so be very, very sure your order is correct and always print or save a copy for reference.

Debit cards don't offer the same kind of purchase protection you get from credit cards; avoid using them for online purchases. Some credit card issuers offer a service that generates one-time card numbers for use in online shopping. The card number is good for only one transaction. The merchant never sees your actual card number, but the purchase shows up on your normal bill. Getting a one-off card number is a little more effort than just typing the number from your card, but making that effort could save you big-time headaches.

Cover your tracks

When you finish shopping online, shut down the browser. You don't want to take the slightest chance that someone else could sit down at the computer and use the Back button to return to your transaction. Better still, wipe out all traces of recent browsing. In IE, Firefox, and Chrome, pressing Ctrl+Shift+Del brings up the trace-cleanup feature.

IE, Firefox, and Chrome all offer a mode that lets you surf without retaining any traces. IE calls it InPrivate Browsing, Chrome calls it Incognito Mode, and Firefox just calls it Private Browsing. If you remember to switch into this mode before starting your online shopping spree you won't have to worry about cleaning up afterward.

Use common sense

Criminal coders write malware to make money. A drive-by download introduced by a poisoned banner ad could plant a credit card stealing Trojan on your system. Don't even consider shopping online unless you've installed a highly rated antivirus program or, better yet, a full security suite. Be sure to keep your protection up to date, too.

Frequently, malicious code exploits vulnerabilities in Windows, the browser, or third-party programs to plant its sneaky self on your PC. For safety, configure Windows Update to install all important updates automatically. Also ensure that the likes of Adobe Reader and Flash are up to date, to plug any potential holes. Some security suites will keep tabs on all your critical programs and tell you when updates are available.

Keep these tips in mind, use your common sense, and you can enjoy the convenience of online shopping in safety.