#FedLifeHacks, Safety

Keeping Your Data Safe While Shopping Online

by/December 7, 2023
Keeping Your Data Safe While Shopping Online

Cyber Monday sales were up 5.8 percent totaling $11.3 billion this year. With e-commerce booming, the focus now is keeping your data safe while shopping online.

It’s safe to say with the ease of shopping from the comfort of your home along with speedy delivery and curbside pickup, online shopping is here to stay.

The boom in online shopping has opened the floodgates for online fraud and scams. The strategy for thieves – stay a step ahead and cast a wide worldwide net that targets both you and retailers. 

There are four primary ways that thieves are targeting you online:

  1. Fake Websites
  2. Third-party sellers through legitimate sites
  3. Social Media
  4. Text Messages

We spoke with fraud experts to get their take on how to best protect yourself online.

  • Update Software

    Device and software manufacturers are constantly putting out updated versions to not only introduce new features but also patch security threats that put your information at risk. Be sure to stay up-to-date with the latest software updates on your various devices as they become available.

  • Shop Secure Sites Only

    Look for the lock symbol on your address bar. Secure websites will begin with HTTPS–instead of just HTTP. HTTPS is now standard on credible sites, so much so that Google Chrome will flag any page without the secure “S.”

  • Free Tools

    Fake websites and phony third-party sellers incorporate fake user reviews to gain your trust. There are a few free user tools that provide a deep analysis of suspicious files, domains, IP addresses, URLs, and product user reviews to spot fakes.

  • VirusTotal analyzes files, domains, IP and URLs to detect malware and other breaches.
  • FakeSpot is used as a Chrome extension and analyzes user reviews to spot phony reviews
  • ReviewMeta allows you to copy and paste a site’s URL on their page to analyze it.
  • WhoIs.com is a directory that allows you to search any website to see who the site is registered to, when the site was established, along with contact location. A newer site or foreign-based might be a cause for red flags.

  • Don’t Shop on Guest Wi-Fi or Public Computers

    While public Wi-Fi is certainly convenient, depending on how secure a public Wi-Fi source is, it can also leave you susceptible to hacking, putting both your personal information and devices at risk. If shopping online while utilizing Wi-Fi, leave the items in your cart and go back to purchase them once you are back on a secure and private network. Do not use public computers to shop online or login to personal accounts.

  • Avoid the Links

    Be aware of emails with links and deals that are too good to be true. Be especially wary of any text message links that come through unsolicited. When possible, access the site by typing in the address on your browser and navigating to the product through the site. As always, look for that lock icon in the address bar that shows the site is HTTPs secured.

Don’t hesitate to report criminal activity to the FBI. Don’t be embarrassed to file a complaint. We receive about 800 complaints a day, and many of those victims are duped by professional con men.

– Kenneth Klocke, FBI Special Agent

  • Be Wary of Online Classified Sites

    With a limitless online audience, selling your old couch, the dining room table, or even old toys your kids no longer use via online classified sites has never been easier. Classified sites like Facebook Marketplace and Craigslist are booming, but as anyone who has ever posted or searched for an item will tell you, the sites have become the ‘Wild West of fraud.’

    Online classifieds leave it completely up to the buyer and seller to arrange item and payment transactions without built-in payment services on the platforms. Buyers and sellers are left to exchange cash, checks, cash apps, or bank transfers without built-in consumer protections. 

    From fake or defective items, undelivered goods, phishing links, bait and switch, overpayment schemes, requests for multi-factor authentication codes (see section below), and giveaways. There is an ever-growing list of scams that fraudsters employ to steal from you.

    If you decide to use one of these online classified sites, do your homework and read up on the growing list of scams

    Never exchange phone numbers or communicate outside of the selling sites, like Facebook Marketplace or Craigslist. Never exchange account information, gift cards, money orders, deposits, or accept an overpayment where you accept a check and provide cash back. Most importantly, when in doubt, stop communicating with the individual, report the individual to Facebook, and if needed, you can call your local non-emergency police line or 911 if you are in danger.

    FBI Special Agent Kenneth Klocke explains, “don’t hesitate to report criminal activity to the FBI. Don’t be embarrassed to file a complaint. We receive about 800 complaints a day, and many of those victims are duped by professional con men.”

  • Passwords

    Creating a unique and sufficiently strong password for every online account is tough. Remembering said password for each individual website can be almost impossible. With some of the top websites experiencing data breaches exposing personal information of millions, we can’t stress enough that creating a unique username and passwords for each account is vital. 

    PCMag shared their simple tricks for creating and remembering strong passwords. A few years back, I took this information and found a unique way to customize it for every site that never leaves me second guessing myself. I’d share my strategy with you, but then you’d know!  

    You can also explore a variety of password management products reviewed by PCMag that will do the work for you, for a fee. 

  • Enable Multi-Factor Authentication (MFAs)

    When available, be sure to utilize the Multi-Factor authentication feature for site login. Most have probably experienced this setup at one time or another in the last year or two. When logging in, the site will send a text message or email to your device with a one-time unique code.

    A fraud warning with multi-factor authentication. Thieves attempting to access your account will send the code request then through a phone call, chat, or email, will ask you for this number. Customer service agents will never ask you for the MFA, so never share this one-time unique number with anyone asking for it.

    You can learn more about MFA’s from the National Cybersecurity Alliance.

  • Protect Your Web Browsing

    Where to start with this! Recently, Apple turned the table on app developers by updating its tracking transparency policy. The updated policy allows customers to opt out of tracking across other companies’ apps and websites for the purpose of advertising and sharing with data brokers. Users are now prompted to select their preference when downloading the app.

    On Apple devices, you can go back and manage your tracking permissions for each app in your settings. Here’s a link with step-by-step instructions

    Opt for private browsing and do-not-track features:

    • Google Chrome. Go to the Google Support Center and search for “incognito mode.”
    • Mozilla Firefox. Go to Firefox Help and search for “private browsing.”
    • Microsoft Edge. Go to Edge Help and search for “InPrivate browsing.”
    • Apple Safari. Go to the Apple Support Center and search for “private browsing.”
Keeping Your Data Safe While Shopping Online

  • Share with Care

    Online retailers do not need personal information like your birthdate or social security number to process your order. When possible, default to giving as little personal information as possible. If a merchant requires more information than you feel comfortable sharing, cancel the transaction.

    Retailers like to make the purchase process as easy as possible by storing your payment information within your profile, which can be targeted during a data breach. Opt to not save your payment information on these sites.

  • Skip the Debit Card

    Be sure to check your credit card bill online regularly. Most credit card apps have the option of displaying card transactions on your phone in real-time. All of my cards, for instance, are linked on my phone and display the retailer name and purchase amount the moment the transaction goes through.

    Keep an eye out for fraudulent charges that originate from sites like Paypal and Venmo along with questionable retailers and pesky recurring charges. If you see something questionable, be sure to address the issue with your bank or card issuer immediately. The Fair Credit Billing Act ensures that if you get scammed, you are only responsible for up to $50 of credit card charges you didn’t authorize.

  • Check in With Older Loved Ones

    The number of older adults who experienced fraud increased from 2019 to 2022. According to the FBI, in 2021 there were over 92,000 cases of fraud of senior citizens, resulting in over $1.7 billion in losses. That number may be drastically higher. The FBI estimates only 20 percent of senior citizens report fraud incidents to authorities.

    This is a big topic, so we’ve created an expanded guide to walk you through protecting older loved ones from scams.

More from FEEA

Subscribe to FEEA’s Newsletter

The information provided in this piece is for your convenience and informational purposes only and not to be construed as professional advice. FEEA and its coauthors and sponsors are not liable for any losses or damages related to actions or failure to act with regard to the content in this piece.

Would you like to reprint this piece in your agency human resource, federal employee association, or union local newsletter? You can do so at no cost by contacting [email protected] with your request.

Tags:#consumerprotection, #datasafety, #eldersafety, #fedlifehacks, #identitytheft, #onlinesafety, #scams, holiday spending