When you shop online, there’s a risk of identity theft and fraud. Cybercriminals may try to swipe your personal info or sell you bogus goods. Before you share sensitive details online, make sure the site is trustworthy and pay with a credit card for added protection. Read on for more online shopping safety tips.

It can be incredibly convenient to purchase something with a few clicks or taps. But online shopping poses risks, too. 

It’s important to be aware of the risks of online shopping — especially since we’re shopping online more than ever and online shopping scams are up. Plus, shopping online may add to your digital footprint

But by following online shopping safety tips, you can minimize your risk.

Need more good news? Most of these techniques — like setting stronger passwords and using two-factor authentication — can be implemented in just a few minutes. 

1. Shop only on secure sites

Before you share personal details online, especially payment information, make sure the site is trustworthy

Look for URLs that display a trust seal and begin with “HTTPS” (the “s” stands for secure). You can also check for a locked padlock in the address bar, which signals that information you send through the site is kept private.

2. Avoid purchasing on public Wi-Fi

Public Wi-Fi is not always secure, meaning you can’t assume the data you share will be encrypted, or scrambled into code, making the original information unreadable to unauthorized users. 

When you’re using an open network — like the free Wi-Fi offered by your neighborhood coffee shop, for example — it may be possible for criminals on the same network to see your details. That’s why it’s best to save shopping and other sensitive transactions for home. 

It’s worth noting that it pays to be cautious with public computers, too. If you must make a purchase on a shared device, sign out of your accounts and visit the browser’s “Settings” page to delete all cookies when you’re done. 

3. Safeguard sensitive information

The fewer personal details you can provide, the better — so think twice before entering information that you don’t absolutely have to share. 

Whenever possible, avoid entering your details into gift registries and giveaways. When it’s time to pay, you can check out as a guest rather than creating an account. When you use a guest account, the retailer may be less likely to store your information, which could later be leaked in a breach. 

If you’re a frequent shopper with a particular site, making an account may seem unavoidable. Just remember to create strong, unique passwords for sites that store your billing information or personal details. 

4. Use a credit card or Click To Pay

Paying with credit rather than debit provides a certain degree of online shopping protection as it may give you a better chance of disputing bogus charges. The Fair Credit Billing Act, a 1974 consumer protection law designed to guard against unfair credit billing practices, gives purchasers the right to dispute unauthorized credit charges over fifty dollars.

If you want to play it even safer, enroll in the free service Click To Pay, a unified online payment system created jointly by the four major credit card companies, Visa, MasterCard, American Express, and Discover. Click To Pay prevents fraud through tokenization, in which a unique code — instead of your credit card number — is shared between your bank and merchant. Tokenization may increase your security by decreasing the number of times your credit information is revealed in transactions.

A digital wallet, such as Google Pay or Apple Pay, can also provide an extra layer of protection: users pay with their phone or through an app, and their billing details are encrypted in the process

5. Practice good privacy hygiene

Always use two-factor authentication, consider a password manager, and keep your software up to date.

If you follow these basic best practices, you’ll be harder to hack than the next guy, and cybercriminals are known to seek out low-hanging fruit.

6. Embrace a healthy skepticism

Some cybercriminals attack retailers directly to capture customer data. Other scammers, known as phishers, try to lure you away from legit sites onto malicious pages that capture and steal your information. 

Phishing sites and emails may closely resemble those of the companies they’re spoofing, so be on the lookout for these tell-tale signs: 

  • Misspelled words 

  • Blurred images

  • A pushy or threatening tone urging immediate action 

  • Deals that seem too good to be true

  • Hidden or misleading hyperlinks (to see a link’s true destination, hover your mouse over the text before clicking)

  • Websites that only sell one item: scammers are setting up spoof sites for items sold out everywhere else

7. Use an identity protection service

Whenever personal or financial information is exposed — whether it’s through a data breach or an online shopping scam — there’s a risk of identity theft.

Thankfully, if you’re a member, our identity specialists are here for you. If you’re ever unsure about an online purchase, they can advise on whether or not something’s a scam.

And, if you’re experiencing true identity theft, they’re here to manage the recovery process from start to finish.