Insights: Article

4 tips for safe online shopping this holiday season

Is your organisation cyber safe?

Contact our cyber security experts for a confidential discussion.

Online shopping has soared in popularity in recent years, especially during the COVID-19 pandemic.

Over 90% of global Internet users visit online retail stores, while more than five million households in Australia alone shop online each month. These figures skyrocket with the festive season, with more than 30% of Australians hitting online stores over Christmas. But just how safe is all that online shopping? While it’s become the convenient and preferred way to shop for many, it also comes with a risk – cyber criminals like online shopping too!

With the online shopping season in full swing and the sales about to hit during the holidays, now is a good time to remain vigilant and get up to speed with safe online shopping practices. In our latest Cyber Tip of the Month, Kinetic IT’s Business Technology Specialist, Kath O’connor, shares her top tips for safe online shopping this festive season.

PROTECT+ Cyber Tip of the Month safe online shopping

How do cyber criminals target shoppers?

In 2022, the Australian Cyber Security Centre’s (ACSC) ReportCyber line received a report of a cyber crime every seven minutes. Their latest Annual Cyber Threat Report found that of more than 76,000 reports, 27% were a fraud-related cyber crime, 14% were online shopping scams, and 13% were online banking scams.

It’s clear that cyber criminals are targeting online shoppers more than ever, in attempts to steal money and obtain personal details. There are many ways to do it, from creating fake online stores and websites to selling fake replicas or products that don’t exist. They can send fake emails or text messages which appear to be from a reputable website, and trick receivers into clicking links and installing malicious software or sending personal information such as credit card details. Cyber criminals also attack online stores to steal shoppers’ login and payment information which they can use for identity theft and to make fraudulent purchases.

There are many potential cyber risks when hitting online shops. To help you stay safe online this festive season and beyond, here are four useful tips for safe online shopping.

RELATED CONTENT: Keeping your kids safe online these school holidays

1. Use secure devices

The first step in safe online shopping is making sure your device is secure. Whether you prefer to use a laptop or a smartphone, always install antivirus or anti-malware software on your device.

The second step is securing your internet connection. When connecting to the internet, always use a trusted network such as your home Wi-Fi or 4G/5G cellular. Avoid using public Wi-Fi at shopping centres, cafes, hotels, or other public locations, to log in to online accounts or make online purchases. While public Wi-Fi is often free, it’s highly vulnerable to hackers who can hijack or intercept the Wi-Fi signal and see everything you do on your device. So, if you log in to your online accounts or make online purchases, a hacker can easily obtain your username, password, and other personal information like your phone number, address, and credit card details.

Once you’ve finished a session of online shopping, always log off from your accounts. This is particularly important if you share a device.

RELATED CONTENT: Cyber hygiene: 4 easy tips to keep your data safe

2. Use trusted online retailers

It’s very easy to create a bogus website or online store that will take your money and never send your purchases. While it’s best to only buy from reputable online retailers you know and trust, there are times when you may want to buy from a new online retailer. If you want to ensure a safe online shopping experience, you’ll need to learn how to spot a fake!

How to check if a website is safe to buy from

Check the SSL certificate
SSL means ‘Secure Sockets Layer’. It’s an encryption method that websites should have if they ask for personal information like your credit card details. To check if a website has an SSL certificate, make sure the URL starts with HTTPS, not HTTP. The S means ‘secure’. You can also look for a padlock icon in the URL bar.

Look for comprehensive information
A legitimate online shopping website will have visible contact information such as phone numbers and an address. They will also have good information about their delivery and returns policies. You can search their address details to see if it’s a real and verifiable location. If not, don’t buy from that website.

Read the privacy policy
As a legal requirement in many countries, reputable online stores will have a clear privacy policy on their website. The privacy policy will explain how the business uses sensitive data from its customers, such as credit card details. If they don’t have one, it’s best to avoid that online retailer.

Check the customer reviews
Reviews can be a great tool for safe online shopping. However, customer reviews on websites can be faked, so always go to trusted review websites such as Google and Trustpilot to see the experience of other customers before you purchase.

If it’s too good to be true, it probably is
It’s great to find your favourite item heavily discounted online, but as the adage says; it’s usually too good to be true. This shopping season, remember that it might be better to pay that little bit more from a reputable retailer to ensure you get what you paid for.

RELATED CONTENT: Common cyber security mistakes and 3 simple ways to fix them

person holding a credit card and using a laptop safe online shopping

3. Protect your payment information

So, you’ve secured your device and chosen a trusted online retailer. The next step in a safe online shopping experience is protecting your money. Here’s how to keep your payment information safe.

Don’t save your payment information
Never save your payment information on an online shopping account. Even if you regularly shop there, you should always take the extra few minutes to input your payment information every time you buy.

Manage your passwords
One of the most important parts of safe online shopping is using long and complex passwords for your online accounts. Make sure you use a different password for each account. If you have trouble managing all your passwords, you can use a trusted password manager that uses encryption methods to help. It’s also ideal to turn on multi-factor authentication (MFA) to add an extra layer of security and protect your online accounts.

RELATED CONTENT: What is the most secure multi-factor authentication method?

Use secure payment methods
Never pay by direct bank deposit, money transfers or digital currencies such as Bitcoin, as it’s more difficult to recover money sent that way.  The best payment methods are by credit card or PayPal as you can stop or recover payments far more easily.

Get a second credit card
If you really want a safe online shopping experience, you can use a secondary or temporary credit card dedicated to making online purchases, instead of using your regular credit card. Your second credit card should have a low credit limit, so if your credit card details are stolen, it will minimise the financial loss and not impact other payments or bills which may come out of your normal credit card. Some credit card companies will even issue you a temporary credit card to make a one-time purchase. If hackers do steal your credit card details, they won’t be able to make any other purchases.

4. Be aware of fake delivery scams

A safe online shopping experience doesn’t end once you’ve bought your items. You’ll need to remain vigilant until you’ve received your purchases – right up until delivery. A common delivery scam is sending fake links to your device or mobile phone that trick you into downloading malware or sending personal details. There are a few ways to avoid falling prey to these scams.

Track your parcels safely
Always track your packages using the courier’s apps or website portals, such as the Australia Post parcel tracking portal. You can enter your parcel or tracking number and get the correct information.

Don’t click on links
Never click on any suspicious links received via text message or email.  If you are unsure the delivery notification or request for information is valid, call the courier to confirm or head directly to the courier’s website. You can also contact the online retailer to get the details of their courier.

RELATED CONTENT: 8 ways to improve your cloud security and protect your data

Useful resources for safe online shopping this season

Keep these links handy this shopping season.

Online shopping scams

Head to ScamWatch to find more information about online shopping scams.

Report a cyber crime

If you, or someone you know, has been a victim of a cyber crime, report it to the ACSC. If you’ve lost money to a scam, here’s where to get help.

Suspicious activity

If you’ve noticed any suspicious activity, you can report a scam to ScamWatch.

Need cyber advice?

When in doubt, you can contact the ACSC’s cyber security advice line on 1300 CYBER1. If you need cyber security advice for your business, get in touch with the cyber security experts at PROTECT+.

Find out more about how to stay safe online and read more cyber tips on the PROTECT+ website.

Is your organisation cyber safe?

Contact our cyber security experts for a confidential discussion.

ISG Provider Lens™ ServiceNow Ecosystem Partners 2024 Report.

We respect your privacy and will never share your information. Privacy Policy