Skip to main content Skip to search

Online Shopping Tips

Remember that there are risks to online shopping, so keep in mind these tips to help you become a cyber secure shopper;

  1. Stick with Reputed Retailers

When it comes to online shopping, always stick with reputed and trustworthy retailers. It is very easy for someone on the other side of the world to create a shiny web store to lure unsuspecting customers by “too good to be true” offers and defraud them by collecting their credit card payment information. If in doubt, a quick Google search about the website can help or better yet, just avoid the retailer in question. 

  1. Go Directly to the Retailer Website

You’re surfing the web and come across that perfect gift in an ad window.  You click on it, and a minute later, your order is placed, and that perfect gift is on its way…. but little did you know that when you clicked on that link, it allowed someone to monitor the whole transaction. Don’t trust links to retailers, as it may get you to the website to make your purchase but allow someone to “watch” without you knowing.  To combat this, when making online purchases go directly to the retailer’s site. 

  1. Always Check the Lock

The only way to be sure that your credit card number or other payment information you are submitting is encrypted and secure while flowing through the internet is if the “padlock” symbol on your browser is in locked position or green. This is a visual indicator that your “session” with the website you are connected to is secured using SSL encryption. This SSL indicator can vary from browser to browser, so make sure you identify how it works for the browser of your choice and looks for it anytime you are making an online purchase.

  • Fraudulent websites support SSL too and can give you a false sense of security. Therefore, always make it a habit to check the website address for any mis-spellings and then check for the “padlock”.
  • Another way to check on your session is to determine if you are on a website’s secure page when entering information is by looking at the web address itself.  If the web address is “”, then the pages you are viewing are insecure.  Web addresses with the added “s” (“https”), is another indicator that the session is encrypted to protect the transmission of your information.
  1. Reduce Your Payment Footprint

Reduce the number of times you end up keying in your credit card number and the number of places you save the numbers to reduce your risk of losing it. The easiest way to achieve this is by using services like PayPal (or Google Wallet, Visa checkout, etc.). You save your credit card number in your PayPal account and then use PayPal as your payment mechanism for all your online purchases. This way when you are ready to check out, instead of keying in your credit card number you can choose to pay using PayPal.  Additionally, you can configure your PayPal account for 22-factor authentication.

  1. Protect Your Mobile Device

Mobile devices can store credit card information to facilitate making transactions faster, as well as hold a treasure trove of other information about you, make sure that you protect your mobile device.  At a minimum, your mobile device should be password protected.

  1. Don’t Get Phished!

Be mindful of emails for phishing attacks.  In addition to emails to lure you to sites with the latest gadgets at the year’s best prices, you are being bombarded with emails related to your online shopping activities – order confirmation, order shipped, tracking information, etc.

The basic principles to protect yourself against “phishing attack” is to Never click a link or open an attachment that you did not expect to receive. Go directly to the website instead of using the link in the email if you would like to check the status of your order or package.  Read more in our  Fraud Prevention section.

  1. Protect Your Passwords

Password protection is the primary means of securing access.  Considering online retailers enable users to create a profile to provide ease of access for repeat transactions, having the means to protect that profile is essential.  Make sure that you use a password that is not only something that you can remember but something that is not easily deciphered.

  1. Patched and Up-to-date

Lack of patching is one of the leading causes of security issues for both computers and mobile devices.  It leaves equipment to be susceptible to known vulnerabilities.  The vulnerabilities vary, but some can lead to individuals taking over your machine, tracking all of your activity, or logging every keystroke you make.  Always keep your computers and mobile devices patched with the latest patches or operating system updates will help to reduce the security risk at your end of the technology chain during the transaction.  Always follow the Safe Computing Practices to help protect your information.

  1. Don’t use Public WiFi and Hotspots

Public Wifi and hotspots are beneficial and save us on using our data; however, they create a significant risk to allow individuals to gain access to your device or trace your activities. Even if you think you know everyone as your local coffee shop because you visit it every morning, resist logging into their free Wifi. Unless absolutely necessary, never use Public WiFi and Hotspots.