Americans plan to do as much as 15% of their holiday shopping online this year. USA TODAY asked computer security experts for their tips on how to stay safe as you buy.
1. Just say no to free Wi-Fi
Resist the temptation to use free public Wi-Fi. It is a trivial matter for hackers to eavesdrop on your connection and steal your information.
2. Avoid e-mails offering deals
Don’t click on email offers. Instead, go directly to the retailer’s website to find deals. Same thing goes for promo codes — don’t click those links to copy the code, but instead copy it and use it directly on the retailer’s website. Even the most legitimate-looking email could be from hackers phishing for account info.
3. Don’t be lazy
If you need to create an account with an online retailer, do not use the same email address and password you use anywhere else. This is such old advice it may seem obvious, but many attacks are still successful because people reuse the same combination of email address and password in multiple sites, and attackers know it. It’s not worth the risk.
4. Use apps, not your phone’s web browser
Apps for sites like Amazon and Wayfair typically have an extra layer of security and encryption, making them safer to use when you’re out in public.
5. Eschew convenience for security
Never save your credit card information in retail sites and web browsers. If they haven’t stored it, it can’t be stolen from them.
6. Credit, not debit
When shopping online, use your credit card instead of your debit card. If something goes awry such as making a bad purchase with a malicious online retailer, it is usually easier to resolve any issues with your credit card company than with your bank (or at least the money is not deducted from your checking or savings account).[related-posts]
7. Open your statements
Pay extra attention to your bank and credit card statements come January and February. Even small charges you don’t remember making can be a sign of fraud. If you see an unknown charge, call your bank immediately and report it.
8. Embrace phone-based payments
Retail data breaches have led to the compromise of millions of credit cards. Mobile payment technologies, like Android Pay and Apple Pay, cannot be cloned like traditional magnetic stripe cards. Consider using these technologies in your holiday shopping to keep your cards safe from thieves.
9. Don’t leave your phone unlocked
For God’s sake, set your phone to require PIN or fingerprint to access it!
Whoever wrote this article is fairly clueless. The initial common sense advice is solid but the end of the list falls apart.
You shouldn’t be using any of the phone based apps. In fact, you shouldn’t be doing any online shopping using an Apple, Windows or Android device. The only type of device that’s safe to use for online shopping is a Linux laptop or desktop computer.
Additionally, avoid any site that advertises that they use Norton or McAfee software to protect their transactions. Those two companies create awful software and seeing those notifications is a green light to hackers.
Don’t use your regular credit card on any online shopping site. Use gift cards whenever possible, and only use your credit card number for large transactions where gift cards are not practical.
Don’t trust anyone who tries to tell you my first three comments are false, and that online shopping is safe. They’re either lying or they’re ignorant.