Holiday Shop Online Safely
Bluefly Cashmere Deal - This deal was real but looks too good to be true!
This holiday season we are very busy with career, family, housework, pet care, errands, and pampering ourselves with a nap or a good book when we can sneak it in. This leaves little time left to go to the brick and mortar stores to buy everyone that perfect gift they’ll love, so many of us turn to online shopping. But 1 in 20 Americans were at risk for identity theft during 2010 and that figure continues to change for the worse every year. So how can you shop confidently online? Here are some suggestions.
Before you start shopping at home with your computer, make sure it’s up to date. Check that you have allowed your computer to install all of its updates for the operating system and the web browser you’re using to shop. Also, make sure that you have virus/threat protection software installed, updated, and running since it will often help notify or block you from suspicious websites.
Be wary of emails or web links offering deals that seem too good to be true. It might not have come from that reputable source you trust, but instead from someone posing as the reputable company. Also be careful of emails or text messages to your phone from services you may know asking you to confirm your account information. Always find the real phone number for any store or service by calling information or looking up the number through Yellow Pages then call to ask if any information has been requested about your account. (If it’s a credit card company presumably contacting you, call the number on the back of your card!)
Be careful where you click. According to F-Secure, this year’s top gift searches are:
- Kinect for Xbox 360
- Apple iPad and iPod
- PlayStation 3
…which of course means that there are a lot of BOGUS links trying to lure you to click them so they can infect your computer with bad stuff, including Trojan horses that can steal personal information sitting in documents on your computer.
Check the store’s reputation. To me, a reputable online store has a physical store I can walk into as well, or it’s a service I know a lot of people use and have not had any major troubles with. If you absolutely want to help support smaller or unfamiliar online businesses by purchasing from them but you don’t know if they’re legit check the Better Business Bureau for any reports of suspicious activity. You just need to know in which state the business physically resides. Most websites provide this information at the bottom of their front page or on their Contact or About pages.
Use strong passwords for your online shopping accounts. Use a different password for each online account if possible. I know, *groan*, too many to remember, but if you keep your passwords in a safe place, such as your head or an actual locked safe or electronically stored in an encrypted document or password storing program, then it’s a lot less of a hassle than if your identity is stolen. And when you’re done with a site please log out of it before just closing your browser or hopping over to the next site.
Use PayPal to pay for online purchases whenever possible. This way you don’t have to give your credit card information directly to the online vendor. And make sure you change your PayPal password often — every 3 to 6 months — to keep it more secure than an account with a password that stays the same forever.
Use only one credit card to do your online shopping. If PayPal isn’t a payment option, choose to pay with a credit card, not a debit card, since your bank account could be wiped out in one fell swoop if a nefarious person gets ahold of it! Also, this way you know which credit card statement to check for irregular purchase activity. If anything doesn’t look right, compare the charge with your documentation of all online purchases. If you can’t match up the charge then contact your credit card company.
Don’t allow your credit card information to be saved in your online store account. You have no idea what security measures that store has in place for keeping your credit card information secure. And even if they promise you they’re secure today the next security vulnerability may be lurking around their front door.
Whenever possible, use virtual credit card numbers. These have a quick shelf life and can only be used for a specific number of transactions. Check with your credit card company to see if they offer this service.
Check your credit reports. There are three major credit reporting agencies: Experian, Equifax, and Transunion.You can request a free credit report from each one yearly, so if you stagger your requests you can obtain one free credit report every 4 months! If you see anything suspicious or inaccurate, contest it right away. Do all that you can to show that an entry on your credit report is inaccurate or fraudulent.
Put a credit freeze on your credit report. If you have no immediate plans to open new lines of credit then this is an awesome theft prevention mechanism. No accounts can be opened even if an identity thief has all of your personal information. The District of Columbia and all 50 states except Michigan, Missouri, and Alabama allow citizens to put credit freezes on their credit reports, but all three major credit reporting agencies have made their voluntary credit freeze available to residents of those 3 states. Caveat: Make sure to remove the credit freeze when you’re ready to apply for a home loan, car loan, credit card, etc.
Put a fraud alert on your credit report. If you think you’re the victim of identity theft notify all three major credit reporting agencies right away.
What do you do to stay safe when shopping online for the holidays?
For more suggestions on how to be a savvy online holiday shopper visit:
- F-Secure Safe and Savvy
- FTC’s Fighting Back Against Identity Theft
- Help Net Security
- Identity Theft Resource Center
Photo credit: Bluefly
Feature photo credit: Jim Robinson
Sadly, I can never remember my PayPal password. It’s irritating. But I know my AMEX number by heart. It’s the only card I use online.
@Megan G., I used to not be able to remember my PayPal password, which means it wasn’t the right password for me. I definitely recommend changing it to something you can remember or using a password manager to securely store it for you for when you need it. There are some pretty shady-seeming places on the web… and of course those are the places that have that one item we need for someone.
@Poppy, I have LastPass. Then I can’t access anything from work when I need to!
I stay away from shady places. There is nothing I need that badly.
@Poppy, Plus, you have to remember that I’m married to a fraud investigator. I’m always suspicious.
@Megan G., it’s ALWAYS better to be suspicious about something. I didn’t add a “trust your gut” paragraph, but that’s a good tip too.
These are great suggestions. Thanks, Poppy! I have a password app for my iPhone that will make up strong passwords and I don’t use it enough. I need to start.
@Lisa, Apple is very helpful with strong passwords, and with testing the strength of a password you come up with on your own. Love that.
I give this article an A + (the + is for using nefarious).
@Sybil Law, LOL, thank you! One of my favorite words.
This is fantastic, Poppy… everyone should read this.
@Faiqa, thank you. That means a lot. I hope one person learns something that helps them keep their personal information safe.
Great tips, Poppy!
I just wanted to add that the place to go to get your free annual credit reports for each agency is annualcreditreport.com — even there, you will be offered to purchase extra things, but if you just decline you don’t have to give any payment information. You might be able to get your report directly from each credit bureau now, but annualcreditreport.com is, as I understand it, the official site.
Another tip I’ve been hearing lately, though I haven’t adopted, is to acquire a separate, cheap computer that you exclusively use for online banking. This way, it is much less likely to be infected by any nefarious software.
@Ren, I had always meant to put annualcreditreport.com into the final post, thank you for mentioning it. As for the cheap computer to only bank on… gotta keep THAT one up to date too, and I know people think it’s a hassle to just keep their main computer up to date OS- and software-wise. The ultimate way I personally would be happy to do online banking is using lynx on a dumb terminal.