Like everything else in the universe this question is relative. How safe you are shopping online is how knowledgeable and aware the shopper is. There are going to be risks even with reputable online stores and it is up to the user to take the necessary precautions.
If you want to make sure the website you are browsing is safe, read here https://webforce.co.za/9-sure-signs-that-a-website-is-a-trusted-source
The risks we take shopping online varies. It’s not only about risking your banking details or credit card details. Payment details may be one of the highest on the list of concerns we have when shopping online but there are other risks as well.
- Theft or misuse of personal information – Your name and contact details are almost always required when making purchases online. The risks here are identity theft, selling of your information to 3rd parties and signing up for marketing communication you didn’t agree to.
- Your location – Your location may be visible but note that you don’t have to be shopping online or entering details for this. Its just one of the always present risks we take when using any online or internet service.
- Payment Details – The risks here or exactly as you may think which a is unapproved purchases and payments from your account.
- Malware – Just like Location, you don’t have to be shopping online for this. This is a risk when you are using the internet. Malware can potentially render your device vulnerable to information theft, damage, or extortion.
Impact and Recourse
There are many sites that tell you what you should or shouldn’t do but few advise you how to deal with a situation after something has gone wrong. Most users only start taking online security serious after an incident. Steps below help guide you towards a resolution and hopefully give you confidence when navigating online.
Theft or Misuse of Personal Information
Once your information is on the internet, that it, there is little that can be done. Unfortunately, there isn’t a single company out there you can contact to have your information removed. But there are things you can still do.
In extreme cases where identity theft is involved, you must report it to the authorities as soon as you become aware of it. This should safe guard you should your identity be used for any crime. Next, run your details through a reputable credit bureau and contest any account or record you have not agreed to.
If you are receiving loads of spam and marketing communication you did not agree too, if your country has a DNC or Do Not Contact service or agency, get your details on there. This is primarily for calls and texts. For emails you would need to take precautions for all mails you open and mark them as spam. Some emails will have an unsubscribe link at the bottom of the email which you can use. You may even do a lookup on a domain name and report it to the domain name host provider.
Clear your browser cache and cookies. You do not need to turn of the service on your device as this is used by other legitimate services. Clearing your browser cache and cookies, “forgets” your choices on whether to allow or deny location information per website you visited. If you are using an app, then you would need to adjust your app settings. If you think the app has no reason at all to use your location information but asks for it anyway then uninstall it. e.g., if you are downloading a mobile game that requests location information, this doesn’t make sense so you can choose to not proceed or deny location access.
NOTE: The same would apply to apps asking for access to call logs, contacts and SMS’s that do not need to ever have access to these functions.
As soon as you become aware of fraudulent activity your bank account, contact your bank immediately. Most banks allow you to contact them outside of normal business hours in case of fraud to cancel a card so do so as soon as possible. Thereafter review recent transactions and find out from your bank if there are any pending transactions to your account. If there are any red flags, ask your bank to cancel or reverse the transaction. If you are using a credit card, your bank should be able to reverse the transaction even after the fact.
Remember, that your credit card, and not debit card, has additional protection insurance regardless of the bank you are with. So, in most cases you can be reimbursed if it was proven to be fraud.
It is always safer as a frequent online shopper to use a credit card instead of a debit card. Also enabling 2FA (two factor authentication) drastically improves security. In most cases recently this has become mandatory.
Malware is a broad term encompassing any piece of code deliberately designed to wreak havoc on your computer or personal data. This includes viruses, adware, worms, and trojans. If you suspect your computer or device is under attack, safeguard crucial documents by backing them up to your cloud storage. Avoid using a flash drive or hard drive with existing information, as it could spread the infection. Afterward, update and perform a scan using your preferred anti-virus software. Clear your browser cache and cookies, uninstall any recently added software that might be the culprit, and run the anti-virus scan once more for good measure.
If after all this you think your computer or device is still at risk, get an IT engineer to take a look at it. Alternatively, if you are able to, reinstall your operating system or reload your device to factory settings. This will delete all data on your device permanently if not backed up.
Statistics for Internet Crimes
2020 – Ranking by the Number of Victims Per Country1.
- United Kingdom
- South Africa (YES, we are 7th worldwide)
2020 – Victims by Age Group in the US1
|20 – 29
|30 – 39
|40 – 49
|50 – 59
Ways of Staying Safe Shopping Online
No article about online security is complete without covering tips and guides for prevention. These tips are intended for anyone. If you do not practice these measures, it won’t matter how secure your devices are.
The device which you use needs to have adequate security before you even think about buying something online on it. There is so much content available online on this topic, but for now here are some tips I highly recommend.
- Make sure you have the most up-to-date anti-virus software, operating system (iOS, Unix, Microsoft Window etc), and web browser (Firefox, Edge, Safari, Chrome etc).
- Best practice is to not use a device that is shared or does not belong to you if you intend to enter any of your personal or banking information.
- Unusual behaviour on your browser or operating system is an indication of an infection and should not be ignored. This may be where tabs on your browser open up on its own, pop-ups ads on your screen, unable to uninstall an application and so on. Remember that any device you use needs to have a somewhat predictable behaviour by design. This is not always a sign of malicious software or a hacker, but it something you should be aware of when it comes to device security.
The Online Store
The number of online stores is constantly growing and unfortunately there are a few fake ones that exists. This deters people from shopping from legitimate small business owners. So, if you are a small business owner or looking to purchase from a small online store the following boxes will need to be ticked to maximize your legitimacy.
- Have a contactable local phone number.
- Have multiple channels for communication like phone, email, WhatsApp, Facebook and so on. Feel free to reach out to stores and see if they respond to your queries. That’s what they are there for.
- Search for the store on Google and see if someone has flagged them as being unsafe or fraudulent. Poor customer reviews are not an indication of being fraudulent unless explicitly stated. If there are poor reviews, did the business attempt to resolve this? Reviews should be looked at subjectively.
- Are the prices too good to be true? If it is too good to be true, then it probably is. If you see a brand-new laptop 80% off if you purchase NOW, then it’s probably a scam. Use common sense and match prices across different websites so you know the market value.
- Product information is important and should match the product picture and description. If you are not sure, search for the same product on other websites.
- After all this if you still have doubts, you could always ask on social media if anyone has purchased from that store.
- Is it a secure website? The website MUST have an https:// and not http://. The ‘s’ means that the website is using a secure socket layer (SSL) which means communication between you and the website is encrypted making it extremely hard for anyone to intercept information.
- You could buy something cheap at first to test out the waters. This is if they tick of all other boxes.
When it comes to the payment phase, you may be given an option of payment providers. Chose one which you have heard of or used before. This will redirect you to that company’s page or window to complete payment. Ensure that the browser is still using https://.
The use of payment merchants is generally safer than using an option native to the website owner. Payment merchants provide greater security naturally as they specialize in online payments.
Once you start using your credit card or account for online purchases, make it a habit to regularly check your bank statement. Apart from reconciling your purchases, you may not receive notifications for payments under R100. There are scams that exists where hackers/syndicates target a broad number of accounts with smaller inconspicuous payments that often go unreported for this reason.
Online Store Details
Make sure your online store password is complex and long to prevent someone from gaining access to it. It should be longer than 8 characters with numbers, lower and upper case and special characters as a good practice.
Passwords should only be accessible to you and not even the store owner. This is the design of a well built system and it may not necessarily be something a customer would know.
Don’t use a public Wi-Fi or network for purchases even if your device or the online store are safe. If you want to stay safe and make purchases on a public network, use a VPN (virtual private network). This adds an additional network layer to make your internet activity safer.
The number 1 type of online fraud is phishing1. Do not buy anything from a site that you clicked on from an email. If think its legit because you know the website or company, then type on the website manually on the browser then search for the product offer.
Keep Any Record of the Transaction
You should be doing this anyway for warranty purposes but more so for online purchases in case you need to proof to your bank or online store of what you purchased in case of a dispute or claim.
This may seem like a long list of things to remember and do but it isn’t. It’s like driving, you need to make sure the lights, tyres, water, and oil are maintained before driving then while driving you need to always check your mirrors and observe the road speed, keep your driving distance, use your indicators and so on. But as a regular driver it’s second nature and not as much effort. It’s the same with shopping online. There are risks and learning to mitigate situations and understanding prevention protocols will give you the confidence you need to shop online.
If you are a business owner or have something to sell, why not start your own store. Web Force professionally designed websites provide you with everything you need to start selling. You keep all the profit, no profit sharing regardless of how many sales you make. It’s your site, your rules.
To read about how to keep your data safe and secure while online, read this article https://webforce.co.za/the-top-10-ways-to-keep-your-online-data-private-and-secure.