Sure, e-commerce sites are convenient, but more and more frequently they are teeming with cyber threats that could compromise your financial information, identity, or even your business. Here’s what you can do to protect yourself.
Online sales in the U.S. are projected to reach $523 billion by 2020, according to a report by Forrester Research. In fact, many Americans are buying more online than in-store, and retailers aren’t the only ones taking notice. Criminals see the e-commerce boom as an opportunity for payment fraud, identity theft, and other cybercrimes.
Of every $100 spent online, $4.79 is at risk of a fraud attack, according to The Global Fraud Index, a PYMNTS and Forter collaboration. It’s important to remember cybercriminals don’t just acquire data by targeting you personally. They hack businesses in hopes of infiltrating their databases to steal customer information. If you’ve created an account with a website that is compromised, your information is at risk, even if you haven’t shopped there in months!
Most retailers take precautions to provide their customers with safer online shopping experiences, but the onus is also on the individual. These tips will help you identify secure e-commerce sites, protect your personal information, and at least mitigate the damage should you fall victim to a cyber criminal’s attack.
- Only Shop at Sites with “HTTPS” URLs at Checkout
HTTPS stands for Hypertext Transfer Protocol Secure and indicates that the business has an SSL (Secure Sockets Layer) certificate. This certificate requires the vendor go through a validation process. Once installed SSL and TLS (Transport Layer Security) are used to secure sensitive online transactions—such as credit card purchases, financial data transfers, account logins, and other browsing activities requiring a heightened level of security. The data you share with a site’s web servers is encrypted in transit, and thus much harder for hackers to exploit.
- Assess the Site’s Legitimacy
- Create a Separate Email for Online Shopping
Do not provide e-commerce sites with your personal or business email address. Instead, create an account you use solely for online shopping. You can set up your accounts so all emails forward into a single inbox, but limit how often you hand out your primary email addresses.
- Create Unique Logins and Passwords for Every Vendor
Password management is an important component of safer online shopping yet it is often overlooked. Should a cybercriminal gain access to one of your accounts, you want the damage to end there. Do not use the same login and password for everything. Create complicated passwords that cannot be easily guessed. Password management applications, such as LastPass, are invaluable tools to help automate this.
- Use a Dedicated Credit Card for Online Shopping
Most credit card companies offer some fraud guarantees and will work with you if your information is stolen. Additionally, consider using PayPal, which goes to great lengths to keep its customers secure.
- Do Not Save Your Payment Information
Sure, you’ll add a few seconds to future checkouts, but it is worth it? Should a criminal infiltrate an e-commerce platform at least you won’t be giving them your credit card number on a silver platter. Also, refrain from saving passwords on your browser and clear your history routinely.
- Delete Accounts You No Longer Use
Remember, even if you haven’t visited the e-retailer in months, your information could still be obtained by a criminal who hacks the site. By removing accounts from sites you no longer frequent, you’ll help keep your personal information safe.
- Be Wary of Promotional Emails
Cybercriminals use email as a means of spreading malware and launching spear phishing scams. If you receive an email from a retailer that looks too good to be true, visit the site directly to confirm the information is valid. Always verify the email address of the sender. If everything seems above-board, hover over the link before clicking it, which will allow you to review the URL. Be sure to do so carefully, as crooks often use domain names that look similar to reputable sites.
E-commerce is a part of life, but we can’t take our cybersecurity for granted. No business owner wants to encourage personal purchases on the job, but it is worth sharing best practices for safer online shopping to help keep your employees, and your business, secure.
Anderson Technologies is a St. Louis IT consulting company that helps small businesses educate their employees about effective cybersecurity practices. For more information on our cybersecurity training services, email firstname.lastname@example.org or call 314.394.3001 and check out our free eBook, An Employee’s Guide to Preventing Business Cybercrime.