5 Ways to Shop Online Safely this Christmas

1. Research the website or seller before purchasing

Unless you’re on the website of a well-known, trusted retailer like Amazon or John Lewis, you should take the time and do some research if you want to purchase something from a website that you haven’t used or heard of before.

There are thousands of smaller, independent retailers online and most of them are completely genuine and want to give you a good service. But, unfortunately, some will be out to steal your bank details or personal information so it’s important that you can identify the real ones from the fake.

Search for the website online to see if there are any reviews on trusted websites like Trustpilot or Reviews.co.uk. Try to avoid reading any reviews on the website itself as these can be easily fabricated by the website’s creator. You can also ask your family and friends, or post to online forums, to see if people have used the website before and what their experience was.

2. Check that the website is secure

Before you enter any personal or bank details into a website, you need to check for the security and encryption signs. This goes for any website, even large, well-known retailers, as there’s always a chance that you could be on a bogus version of the website without realising.

Look for the padlock and ‘HTTPS’

Any website which requires you to enter personal and bank details should have a URL that starts with ‘HTTPS’ (not HTTP), and a green padlock symbol should be displayed to the left of the URL bar. This means that any details you enter into the website are encrypted, meaning they can’t be read by anyone that may try to steal them.

Look for a privacy policy

All websites which collect data must have a privacy policy under GDPR (data privacy laws.) This policy must clearly explain how any data you put into the website is collected, stored and protected, and it must be easy to find on the website. A bogus website is very unlikely to have this in place.

Find contact details

Legitimate retailers should always display contact details on their website so you can contact them with any questions or concerns. If you are at all unsure about the legitimacy of the website, give them a call. Again, fake websites are unlikely to have these details available.

Read this article for more information on how to tell if a website is secure.

3. Keep anti-virus software up to date

If you use the internet regularly (for any purpose, not just online shopping) it’s essential that you have anti-virus software in place. This software will keep your devices protected if you accidentally go onto an un-safe website which tries to infect your device with viruses or malware.

Viruses can cause all sorts of problems for you - from constant pop-up ads and damages to your programs, to deleting important files and destroying your hard drive. Malware is particularly dangerous as sometimes it places a ‘bug’ in your device which records your screen and what you type, meaning it can record log-in details.

It’s not enough to simply just have this software in place – you need to make sure it’s always kept up-to-date so it works against any new potential threats as criminals are developing these viruses all the time.

4. Use strong and unique passwords (and 2FA)

When you create an account with any website (most online retailers will require this before you can make a purchase) it’s very important to use a strong and unique password, especially when you’re entering and storing personal and bank details.

You need to use a different password for every online account you have (especially your email account and online banking) as this will prevent a criminal from being able to hack everything if they manage to get hold of one of your passwords, perhaps from a data breach of an online retailer.

Read this article to learn how to choose a strong password.

Also, wherever you have the option to, you should enable two-factor authentication (2FA) for an additional layer of security. When you enable 2FA, you will be sent an OTP (one-time passcode), via SMS, when you try to log-in to that account.

You will need to have both the password and the code before you can log-in. This means that if a fraudsters manages to get hold of your password, they still won’t be able to log-in to the account as they won’t have your phone, therefore the code. This will also alert you if somebody else is trying to log-in to your account, giving you a chance to change the password as soon as possible. 

5. Avoid using public Wi-Fi

Even if you see the perfect Christmas gift for someone when you’re out and about, you find it cheaper online and you want to buy it straight away, it’s definitely the safer option to wait and buy it when you get home.

There are several risks to using public Wi-Fi as you could easily connect to a hotspot which has been created by a criminal to steal people’s data. Fraudsters set up in a public place, like a café or an airport, which is known to have public Wi-Fi. They will then create their own hotspot under an innocent name like ‘free airport Wi-Fi’ or ‘Costa Wi-Fi’ and wait for people to connect to it. Once somebody has, they will be able to view and steal any log-in details they enter whilst using the network, steal bank card numbers if they purchase something online, read and intercept emails and much more.

Read the following article for more information on how to identify fake public Wi-Fi hotspots. 

Find it useful? Please share!

Subscribe for Updates

We will email you monthly details of our latest:

• Business and consumer guides
• Finance news
• Information and awareness about the latest frauds and scams, to help you avoid them.  

I want to receive email updates

By submitting your email, you agree to our Terms and Privacy Notice. You can opt out at any time.