With the recent boom in online shopping, more and more people are choosing to shop from the comfort of their own homes during the holiday season. If you are planning on doing any online shopping, be sure to follow these guidelines to ensure you don't get scammed...or worse!
1. Always check for "HTTPS"
Not all webpages are equally secure. Before entering any personal or payment information, make sure to look up at your browser bar. The URL should start with HTTPS, not HTTP. That one letter on the end, S, is the difference between a secure site and an unsecured site.
A secondary thing to look for is the small lock icon in your address bar. This lock indicates that you have an SSL (secure sockets layer) connection. The icon is standard for most popular browsers, including Internet Explorer, Chrome, Safari and Firefox.
On mobile devices, the address bar is tinier and easier to overlook. Do a little pinch-and-zoom to locate the S before sharing your payment information.
2. Watch your WiFi
Shopping from mobile devices means an increased chance you'll be on an unfamiliar WiFi network.
"Only window shop on public WiFi," recommends Derek Halliday, lead security product manager at Lookout, a mobile security company.
Avoid entering your credit card number or other private information when you're on an unsecured, public WiFi connection where people could snoop. Wait until you are back at home or work.
3. Beware of phishing, SMiShing and other scams
By now most people know to keep an eye out for phishing scams -- e-mails disguised as legitimate companies or organizations that ask for payment or password information. But every now and then, one comes along that looks incredibly convincing. To be safe, copy and paste all links into a fresh browser window instead of clicking on the hyperlink, check the originating email address and when in doubt, contact the company to verify the e-mail.
SMiShing (a lovely portmanteau of "SMS" and "Phishing") has taken off recently, catching people off-guard who don't expect to receive this type of spam as a text message. Earlier this year, scammers sent texts telling people they had won a $1,000 gift card from Walmart. The texts linked to a page that asked for credit card information to cover the cost of shipping the prize.
As a general rule, legitimate companies will never ask for your private information over email or text message, including payment information, usernames, passwords, mother's maiden name or social security number.
Get the full list of tips here (source)