5 Simple Tips for Protecting Your Information While Online Shopping

Online Shopping

There are simple steps you can take to protect your personal identity from malicious types while online shopping. Photo: urbazon/Getty Images

Imagine if a stranger came up to you on the street and asked you to provide your name, address, and passwords.

Of course, you wouldn’t.

Yet Canadians are blindly giving out this sensitive info online — if the email, text message, website or social media post looks convincing enough.   

Canadian shoppers often fall for scams this time of year, perhaps because we’re online more than usual, our guard is down as we’re busy buying things for loved ones, or the frequency of fraud attempts is up.

In fact, RBC recently conducted a survey of 1,500 Canadian adults and found more than half of respondents say they’ve received notifications their data has been breached — up 37 per cent over last year.

To shop online safely, and protect your personal identity from malicious types, take heed to these online shopping safety tips.


Look For the Lock

Always use a secure Internet connection when making a purchase. Reputable websites use technologies such as SSL (Secure Socket Layer) that encrypt data during transmission.

That is, look for the little padlock in the address bar or a URL that starts with “https” instead of “http,” as the “s” stands for “secure.”

Some browsers will tell you it’s safe to give out your credit card by showing you a green address bar, while unprotected ones will be highlighted in red.

Cybersecurity experts say using a store’s app to shop is safer than using their website.


Password Pointers, Software Tips

A strong password is at least seven characters long, has a combination of letters, numbers and symbols, and with some uppercase characters, too. Change passwords routinely. Or use password management apps if you’re worried you won’t remember them. 

Many opt for a passphrase instead of a password, which is typically a long sequence of strung-together words. For example, the sentence “My daughter Delilia’s birthday is June 15!” could be used to create a passphrase like “MdDbisJ15!”

Update your passwords to make them unique to each business you register with. “If you use the same email address and password for multiple sites, you might be more vulnerable,” says Michael Jabbara, VP and Global Head of Fraud Services at Visa.

If supported, use biometrics to log into an online account, such as your face or fingerprint.

Iskander Sanchez-Rola, director of privacy innovation for Norton, suggests opting for “multifactor authentication” if the app or website offers this, which not only requires your password to log in but a one-time code sent to your mobile device. “Even if someone gains access to your credentials, they still won’t be able to access your accounts.”


Use a Secure Payment Method

Only shop on sites that take secure payment methods, such as credit cards and PayPal, as you’ve likely got buyer protection — just in case there’s a dispute.

In other words, you won’t be held liable for fraudulent charges. Even before it gets to that, you might be notified by your credit card company or bank if suspicious activity is detected.

It’s always a good idea to review your account transactions online or go through monthly paper statements, to see if anything looks questionable.

Beware of sites and apps that only accept money orders, wire transfers, or checks, or if they ask you for cryptocurrency or to pay using Google Play gift cards, which are both common tactics among scammers.


Do Your Homework 

When on marketplaces like eBay or Kijiji, check the seller’s reputation and read comments before buying a product to see what the experience was like for past customers. You can always ask a question to a seller and reputable ones will reply in a timely manner. Also, read the item description carefully before you buy, including where the seller is located, shipping charges, if the product is new or used, refund and return policies, and payment methods accepted.

Also, don’t forget about the number one tip about shopping: if it seems too good to be true, it probably is. Avoid unbelievably hot “deals” from unknown merchants, such as someone selling a new iPhone 15 for $300.

Ignore emails, texts or even phone calls that claim to be from a retailer (or your bank, Canada Revenue Agency, or your Internet Service Provider). These “phishing” attempts look legit, but if they ask you to confirm your financial or personal details on a website, they’re a fake. They’re trying to lure you to tap or click a link in the message, which takes you to an authentic-looking website, and fool you into typing in information.


Avoid Shopping on Hotspots

Try not to do any online shopping when you’re using a communal computer (such as in an airport lounge) or when you’re using a public Wi-Fi network (say, at your favourite coffee shop or in a hotel lobby). You never know if your information is being tracked and logged, so it’s best to wait until you get home. 

“Cybercriminals like to target public Wi-Fi networks, so try to avoid them, if possible,” confirms Jabbara. “But if you have to use free public Wi-Fi, try running a VPN (Virtual Private Network), and refrain from inputting personal information, such as passwords and usernames.”

Sanchez-Rola says it’s safer to use your 4G or 5G network than a Wi-Fi network: “Personal hotspots are much more difficult to hack, and attackers typically focus their efforts on exploiting people who are unprotected on public Wi-Fi networks.”

“Because public Wi-Fi networks are inherently less secure than a personal hotspot, you could also be exposing yourself to identity theft,” adds Sanchez-Rola.

Always have good anti-malware (“malicious software”) installed to catch threats like viruses.

On a related note, keep your devices up to date by turning on “automatic updates.” This includes your web browser and third-party add-ons, which could warn you if you land on suspicious websites.


3 Online Shopping Tips That Will Save You Money

Privacy Check: Is It Safe to Use Facebook or Google to Log Into Other Sites?