You need to buy some gifts. You need to buy them quickly. You can (a) brave the madness of holiday retail shopping at your local mall, rife with screaming children and airborne contagions, or (b) kick back at home and buy all your gifts online, accompanied by nothing more obnoxious than a warm cup of cocoa—or a cold glass of wine.
We’ll take the online shopping option. We’re civilized adults at PCWorld, and we’re not interested in rubbing shoulders with rabid mall zombies unless we have to.
But the world of online shopping isn’t all hot chocolate and chardonnay. Buying gifts via a Web browser certainly speeds up one’s shopping regimen, but it also bears risks. Here are 10 easy ways to lock down your Web security this season, and still get all your shopping done in time.
Keep your browser updated
Start at the beginning. Whether you use Chrome, Firefox, or Internet Explorer, updating your browser will help to ensure that you’re getting the most up-to-date security protection.
Using Windows Update will take care of Internet Explorer. Firefox and Chrome should keep themselves current by automatically checking for updates.
To confirm whether you have the latest version of Firefox, click the Firefox tab in the top-left corner, find the help menu, and click About Firefox. In Chrome, click the settings button at the top-right corner of the window and click About Google Chrome; if you see a green checkmark, that means you have the latest version.
Install malware-protection software
Another thing to check before you binge-shop is your security software. The market has no shortage of utilities dedicated to protecting your computer from malicious attacks. G Data Internet Security, Norton Internet Security, and Bitdefender are all applications that have tested well at PCWorld.
You can even find plenty of free applications for protecting your computer from malware and Internet attacks that could result from an unfortunate online shopping session. The bottom line: Antimalware programs can’t protect you from all attacks, and they certainly can’t catch “social engineering” exploits. But in this day and age, it’s silly not to use some sort of baseline protection.
Buy from reputable online stores and sellers
If you’ve never heard of the site you’re considering a purchase from, you have a number of ways to make sure it is legitimate.
Third-party organizations such as the Better Business Bureau Online and Truste give seals of approval to sites that meet their security and privacy standards.
Also, comparing products on sites like Bizrate can give you confidence that you’re getting a fair price.
For example, searching for “iPad” on Bizrate provides a list of online retailers that sell the tablet, offering you an easy way to compare prices and read firsthand customer accounts of their experiences with specific retailers.
Look for the address-bar padlock symbol
A webpage should always be Secure Sockets Layer (SSL)-encrypted if you plan to use your credit card information to shop. SSL encryption ensures privacy by restricting the computers that can access the data being transferred, limiting access to you and the online retailer exclusively.
Most browsers indicate that the encryption is active with a padlock icon near the address bar, and the URL is preceded with https:// instead of http://, as shown below.
Give out as little information as possible
Beware of nosy questions seeking personal information. For instance, a reputable online retailer will never need your Social Security number.
Generally it’s a good practice to give out the least amount of information the seller requires, so look over the required fields on forms and fill them out accordingly. Use the minimum number of fields that will allow your purchase to proceed.
Never give out your credit card number over email
It’s simple: Legitimate retailers will never ask for your credit card information or other sensitive personal details over email.
As mentioned above, the only time you should give out your credit card number and other personal info online is when you are on an SSL-encrypted webpage operated by a trusted retailer.
Use online payment services such as PayPal
Services like PayPal, Bill Me Later, and PaySimple keep your credit-card information stored on a secure server, and then let you make purchases online without revealing your credit details to retailers.
PayPal also says that it monitors accounts for suspicious activity and covers most unauthorized transactions.
If shopping on a mobile device, stick to apps you know
Why power up the computer when you can shop easily from your smartphone?
Mobile shopping presents its own set of security issues, but a good rule of thumb is to use apps that came directly from retailers, and to make purchases inside those apps, if possible.
It’s also wise to download apps only from sources you trust, such as the Apple App Store or Google Play.
Lastly, never make purchases over public, unsecured Wi-Fi. For example, connecting your phone to Starbucks’ Wi-Fi and then shopping on Amazon could leave your personal information at risk.
Know your rights
In the United States, online purchases you make with a credit card are protected by the Fair Credit Billing Act, which limits your responsibility for fraudulent or erroneous charges to $50.
Consumers are required to write a physical letter within 60 days detailing any complaint to the retailer, with a return receipt acting as proof that the creditor received the letter.
The Federal Trade Commission provides an example letter, so all you need to do is fill in the blanks with your information.
Use common sense
If a deal online seems too good to be true, it probably is.
If anything seems suspicious—for instance, if a retailer refuses to provide details on a product or avoids answering billing questions—the best practice is to avoid it and shop with a tried-and-true online retailer instead.
Additionally, you should never feel pressured to give out information. If a retailer is requesting something from you that makes you uncomfortable, it’s probably time to take your business elsewhere.
For more online shopping tips, check out these sites: