A Free Educational Resource Created by Carnegie Mellon University to Empower You to Secure Your Part of Cyberspace

An Online Shopper's Holiday Guide to Security Practices

Be merry this season by avoiding common troubles online, while enjoying the freedom and convenience of shopping on the Internet.

With all that you need to do during the holiday season, online shopping can be a lifesaver that offers speed and convenience, but don’t forget the dangers that exist. Follow these tips to keep your senses sharp and avoid some of the common pitfalls.

Protect your computer

Just as you get a flu shot before winter sets in, so you must also protect your computer before going out into the worldwide web. One of the simplest ways to protect your information both on the web and on your computer is to install an anti-virus program and ensure that it is always up to date. There are several free and well-established anti-virus programs, such as AVG, Avast, and Symantec, which will adequately protect your computer and do regular automatic updates to keep you safe while you shop online.

Always shop at trustworthy online stores

You would never shop at a store that is dimly lit, marked with a makeshift misspelled sign, and operated by a person wearing a mask. Use these same instincts when choosing where to shop online, and check the e-commerce area for tips.

Here is what to look for in online stores:

  • Use stores that have been endorsed by a third party, such as the Better Business Bureau and ControlScan.
  • Go with well-known brands, such as Amazon or Blue Nile or the websites of popular brick-and-mortar stores.
  • Always know a contact name and physical address you can use in case you need to follow up on the order.
  • Pay attention to the full web address. Some websites may try to mimic popular stores by building similar-looking pages or using a similar web address that may be misspelled or listed as .net instead of .com. Read more about spoofing.

Choose online retailers who meet the standards listed above. A free tool is available through McAfee called SiteAdvisor that screens websites for malware and other potential threats.

Remember to print copies of your online order for your records and proof of your transactions. Read a website's return policy, warranty terms, and customer service policies before completing a purchase. An online transaction, like retail shopping, is protected by law. If you encounter problems with online transactions, the Federal Trade Commission can assist with having them rectified.

Be quick to close suspicious pop-up windows.

Shopping websites are common places where you may encounter pop-up windows that advertise a product, promote a special offer, or request information. These pop-ups most likely come from a third-party advertiser that has nothing to do with the main site. Close the pop-up window by clicking on the icon in the top right corner of the window. Never enter any personal information into any pop-ups that may appear.

When pop-up windows bombard your monitor screen, you likely have spyware on your computer. Spyware is a kind of software that collects, processes and sends information about you and your browsing habits to others without your consent.

As its name suggests, spyware installs itself without computer users being aware of it. Do not download a piece of software unless you trust the source! Secure My Cyberspace provides more tactics against spyware.

Reduce your intake of spam

Spam, or unsolicited email, is another annoyance. To reduce spam, refrain from sharing your email address with people you don't know. Or, consider creating a "dummy account" with a free webmail service such as Yahoo! or Google Mail. You can be comfortable passing out the email address of the dummy account because the potential spam you may get will filter into it instead of into your personal or professional account.

On websites that collect email addresses, read the privacy policy to see that it specifies it will not share or sell your email address to third parties. A tool called Privacy Bird can help shoppers easily interpret the privacy policy to determine how responsible a website will be with users' personal information.

Remember: If it sounds too good to be true, it's probably a scam!

When you are busy shopping, an offer for a free trial or free sample might sound very enticing. This type of offer typically requests you to forward it to a number of your friends. Companies who have been falsely portrayed in these hoaxes include Cracker Barrel, Microsoft and others.

Many of these offers are simply spam. Others are scams to collect email addresses and other private data, without a policy to protect this information.

Make safe transactions

When making a purchase, make sure the company or seller uses an encrypted web page at the point of sale when you must enter your credit card number. The web address should begin with https:// and a lock icon should display next to the address bar on the browser window.
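The two address checks in this guide (the misspelled or .net-instead-of-.com lookalike described under "Always shop at trustworthy online stores", and the https:// requirement above) can be automated. The following is an added example, not part of the original guide; the store list, the function names and the sample URLs in the test are constructed for illustration, and the check also covers a known store name embedded at the front of a longer host name, which goes slightly beyond the two cases the guide names.

```python
from urllib.parse import urlsplit

# Constructed allowlist for this example: stores the shopper actually uses.
KNOWN_STORES = ("amazon.com", "bluenile.com")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance between two strings, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_store_url(url: str) -> list[str]:
    """Return warnings for a shop or checkout URL; an empty list means no findings."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    warnings = []
    if parts.scheme != "https":
        warnings.append("not-https")  # page is not encrypted
    # Simplification (assumption): the last two labels are the site's domain.
    # Suffixes such as .co.uk would need a public-suffix list.
    domain = ".".join(host.split(".")[-2:])
    if domain in KNOWN_STORES:
        return warnings
    name, _, tld = domain.rpartition(".")
    for known in KNOWN_STORES:
        known_name, _, known_tld = known.rpartition(".")
        if name == known_name and tld != known_tld:
            warnings.append(f"tld-swap:{known}")      # e.g. .net instead of .com
        elif 0 < edit_distance(name, known_name) <= 2:
            warnings.append(f"misspelling:{known}")   # one or two letters off
        elif f".{known}." in f".{host}":
            warnings.append(f"embedded:{known}")      # real name used as a prefix
    return warnings
```
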

To have greater peace of mind, look into one-stop services that minimize the number of organizations who access your credit card information. When you sign up for services like PayPal and Google Checkout, they will handle your transaction for you, if you shop at a website that accepts their payments, and many do. At checkout, you simply enter your username and password for PayPal or Google Checkout, and the cost will be billed to the credit card through the service.

Use wireless? Never conduct a transaction over an unencrypted or open wireless network. This opens a door to cyber criminals who want to steal your financial information.

Finally, consider using a credit card instead of a debit card to make your purchase. In case of fraud, it is easier to cancel a purchase with a credit card. If you pay with a debit card, it is almost impossible to reverse a transaction. Gift cards are even safer for making purchases because they do not carry your financial information.

With these security practices in mind, shoppers can continue to enjoy the enormous offerings of the Internet.
