Louisville Geek’s 2022 Guide to Safe Online Shopping

Black Friday, Cyber Monday, seasonal sales and silver bells: the holiday season is upon us. Forrester estimates some $230 billion will be spent online this gift-giving season with online purchases counting for almost a quarter of all holiday sales. Here are 10 tips for keeping your credit card details, financial data and personal information safe when checking out online.

1. Buy only from reputable sites

Despite the temptation to pay 40 percent less than the regular retail price purchasing a popular item from an unfamiliar vendor, stick with reputable, trustworthy online merchants. Often merchandise sold as new by less reputable outlets are, in fact, reconditioned, refurbished, used or even counterfeit products. Shopping only trusted sites also helps ensure the personal details you provide—including sensitive payment information—isn’t leaked or used inappropriately.

2. Confirm secure connections

Whenever making a purchase online, first ensure the site to which you’re connected is secure. The Web address should include the “https:” prefix and a padlock icon within the address bar, indicating the site’s communications and transaction information are encrypted, thereby protecting your personal information and payment details from being intercepted by unauthorized parties. Never make a purchase on a website that doesn’t feature https: security and the corresponding encrypted payment process.

3. Create an alternative email address for purchases

Almost every online purchase requires providing an email address. While there are legitimate reasons for requiring an email address—such as the merchant’s need to know where to send purchase confirmation and shipping information—you don’t necessarily need to provide your primary email account. Online sites frequently present pre-approved checkboxes authorizing sending you marketing messages, sales promotions and special offers from third parties. Consider creating and maintaining an alternative email address—such as a Gmail, Outlook or iCloud account—just for online shopping. You can significantly reduce the marketing and sales messages your primary email address receives as a result.

4. Use strong passwords when creating new accounts

Many online stores require creating an account to complete a purchase. These accounts typically require an email address and password. Because personal information—including your name and address, purchase history and sometimes credit card details—can be stored within these online shopping accounts, be sure to use a complex password. Don’t create easily hacked passwords. Avoid using words that can be found in a dictionary and be sure to liberally use upper- and lowercase letters, numerals and special characters, which make cracking passwords much more difficult.

5. Think twice before signing up for text updates

While we’ve long been fans of receiving text updates confirming when a purchase ships and when a package is out for delivery, take a moment to consider the tradeoffs. Having provided cell numbers to enable receiving shipping and delivery updates, we’ve noticed we also receive many more marketing messages, now, on those corresponding cell phones. Typically you can simply reply “STOP” to suspend superfluous sales messages, but occasionally merchants release your information to other partners for marketing purposes. So, just beware. Providing your cell number when checking out and completing purchases online can result in receiving more marketing texts.

6. Monitor your credit card and financial accounts

Don’t assume that just because an online transaction completes properly all is good. Monitor your credit card, mobile payment and other financial accounts regularly to ensure the same transaction doesn’t accidentally post twice and to confirm all transactions that hit your accounts are accurate and authorized. Many credit card companies provide instant mobile alerts for whenever a transaction occurs; sign up for those updates, as they will alert you almost immediately to any improper or unusual activity.

7. Don’t use a debit card for online purchases

Most industry observers agree it’s best to avoid using a debit card when making online purchases. When a credit card account is compromised, it’s one thing. Many banks and financial institutions limit the damages an account holder must pay for unauthorized or fraudulent transactions that occur using their credit card. But because debit cards are usually tied to a checking account, when debit cards are compromised so, too, are other funds within that corresponding account and different liability rules apply.

8. Don’t complete transactions using a public WiFi network

Because public WiFi networks are inherently insecure and the communications that occur using these freely available networks can be intercepted by unauthorized and malicious actors, avoid making purchases or entering and submitting sensitive financial information when connected to public networks. When connected to free WiFi networks—including those in malls, airports, coffee shops and hotels—always avoid entering sensitive information, accessing financial accounts or completing online purchases.

9. Consider using a VPN

If you must enter sensitive information or complete online transactions when using free public WiFi networks, employ a VPN to protect the corresponding communications and transactions and better protect your personal information and payment details. NordVPN, ExpressVPN and Private Internet Access are among many popularly available third-party VPN services. For a modest monthly fee, these VPN solutions for Windows and Macs are easy to use and encrypt communications to better protect personal details and financial data.

10. Tap mobile payments (Apple Pay, Google Pay)

Mobile payment platforms, such as Apple Pay and Google Pay, are more than just fast and convenient. Unlike when using a credit card, in which the transaction typically requires revealing and sending your specific account and financial details to the merchant, when you make a payment using Apple Pay, your actual credit card number isn’t shared with the merchant. Neither is the actual credit card information stored on Apple’s servers. Mobile payments are, therefore, more secure than traditional credit card transactions. Literally just tapping your phone, or clicking Apple Pay or Google Pay, can essentially complete a much more secure transaction.

The holiday season is underway

The holidays are here and Christmas and corresponding sales are most everywhere you look, including in your Inbox and online. As some $230 billion is likely to be spent on presents during the 2022 gift-giving season, odds are you’ll be doing some of the spending. Rest assured your online shopping can be safer adopting these tips. Season’s greetings and good luck finding holiday deals!