8 Tips for Safer Online Shopping

The holiday season is upon us, and now more than ever that means shopping on the Internet.

This past Black Friday saw $595 million in online sales, an 11 percent increase compared to Black Friday 2008, according to online market tracker comScore.

But with the comfort and convenience of buying presents from your couch comes with security risks that even the most vigilant shopper can take for granted.

The browser used to be just a place to access Web pages, but as more people makes financial transactions and store personal data there, the security of browsers has become vital to consumers at home and IT managers at the office.

[ For complete coverage on Microsoft's new Windows 7 operating system -- including hands-on reviews, video tutorials and advice on enterprise rollouts -- see CIO.com's Windows 7 Bible. ]

Microsoft has offered up tips on how to fortify your browser against viruses, spam and malware.

Naturally, Microsoft would prefer you use Internet Explorer 8, although it's worth noting that Internet Explorer has been losing market share throughout 2009, and Mozilla's Firefox, Apple's Safari and Google's browser Chrome all have security features of their own.

Internet Explorer 8: Five Security Features for Enterprise Users

Internet Explorer currently has 63.6 percent of the browser market share, a six percent drop from January 2009, according to Web metrics company Net Applications.

Here are eight (as in Internet Explorer 8. Get it?) ways to have a safer time shopping online.

Keep your computer's software and browser current. Microsoft's Download Center is a good place to start.

Protect your computer with firewall, antivirus, antispam and antispyware software. Click here for a list of security software providers.

Beware of phishing scams and malware. IE8's SmartScreen Filter feature alerts users if a Web site you are trying to access has been reported as unsafe and allows you to report any unsafe sites you find. SmartScreen Filter and other security features can be accessed in IE8 under the Safety tab in the upper right hand corner.

Protect yourself against cross-site scripting attacks. Cross-site scripting, or XSS, attacks allow malicious code to be injected into Web pages that can lead to identity theft. What's most unsettling about XSS: everything looks normal to the user while unauthorized access is being given to a hacker and sensitive data is being stolen. IE8 has a built-in XSS Filter that is always on.

Identify Fake Web Addresses. By highlighting the domain name of a Web address in black, IE8 makes it easier to see a site's true identity, thus avoiding getting fooled by a deceptive Web site.

Browse more privately. The InPrivate Browsing option in IE8, located under Tools, allows you to surf the Web without the browser storing data about your session. Temporary Internet Files, Web address history, cookies and passwords are all disabled.

Make Sure Payment Web sites Use Encryption. Any Web site that processes credit card information must use encryption. To make sure of this, look for: An "s" after http in the Web address - it should read https; a closed padlock icon in the address bar or at the lower-right corner of the browser window; a green address bar - IE8 uses green to indicate a trustworthy site.

Never Respond to Unsolicited Requests to Update Your Account Information. An e-mail asking to update account information might be a scam for stealing your identity. Legitimate companies never send unsolicited e-mail or instant message requests for your passwords or other personal information.

Shane O'Neill is a senior writer at CIO.com. Follow him on Twitter at twitter.com/smoneill. Follow everything from CIO.com on Twitter at twitter.com/CIOonline.

Subscribe to the Security Watch Newsletter

Comments