‘Tis the seasons for getting monster deals online. But just because Cyber Monday lacks the threat of being trampled to death by a hoard of penny pinchers doesn’t mean you’re safe. Scammers, hackers, and swindlers of all types are lurking in grungy basements around the world, ready to dupe anyone who fails to properly protect their e-commerce transactions. Here’s everything you need to do to make sure your Cyber Monday goes off without a hitch.
Updated 11/18/14 by Brad Bourque: added relevant information to scams for 2014, as well as adding more details to checking the URL and eBay seller rating.
Software updates can be annoying, but they often include key protections against the latest security threats. To have the best chance of escaping Cyber Monday without any battle wounds, install updates for your Web browsers, email clients, and operating systems. These should always be downloaded directly through the software that you’re updating in order to prevent the installation of fake updates. If someone calls you on the phone to tell you something is wrong with your computer, they’ll try to get you to go to a URL to download spyware or a virus, and you should just hang up.
Antivirus all the wayMany of the online threats this year come from malware that can steal your payment information and otherwise wreak havoc on your life. To limit the chances of getting infected, make sure you have antivirus software installed and activated. There are many quality free versions to choose from for both Windows and Mac machines.
Ignore emails and pop-ups
Even if you have antivirus software up and running, there’s no guarantee that you’re completely safe. To further avoid allowing any life-screwing viruses onto your machine, don’t click any pop-up ads, as they may contain malicious software. Put any Cyber Monday emails that include attachments directly in the trash – they may contain a virus. And always check the email address of any Cyber Monday deal offerings.
If you receive an email telling you there’s a special sale on an online retailer, you should take the time to open that retailer’s website by typing the URL into the bar yourself. If an email is properly masked, you may not know that it came from a source that isn’t that shop, and then you’d be clicking into a totally fabricated version of the site.
Look for the lock
This one is easy to spot, and absolutely crucial. Anytime you go to check out online, “make sure the website you’re using has an SSL ‘padlock’ icon, which ensures information passed between a server and a browser remains private,” says J.D. Sherry, a vice president at cybersecurity firm Trend Micro. “The symbol should appear in the far left corner of your browser’s search bar.”
Another way to know that your connection is secure is to look at the URL in your browser, which should show “HTTPS,” rather than just “HTTP.” If you don’t see the padlock icon or HTTPS, don’t enter any personal or payment information, close the window, and shop somewhere else.
It’s also important to check the URL as you browse the web anyway. Scammers will frequently create sites that function exactly like pages you use every day to login to services or check your accounts, and an easy way to see is to check the URL bar and make sure it’s pointed at the right place.
Credit (or PayPal), not debit
Credit and debit cards are so similar that it’s easy to forget how different they are. But when it comes to getting hit with fraudulent charges, the differences couldn’t be more important. With debit cards, it’s your money that’s being stolen, and it can often be difficult to recover those lost funds – right when you need them the most. With a credit card, on the other hand, no money is being taken from your bank account. And credit card companies are merciless when it comes to combating fraudulent activity.If an online retailer accepts PayPal, you can link your credit card to your account in order to double up on security. PayPal has a number of buyer protection features that will help in case of fraudulent activity, and if someone gets access to your payment information, they still won’t have your credit card numbers, so you don’t have to change them. As an added bonus, all of your standard credit-card protections will cover PayPal purchases just like any other transaction.
In other words, if you’re shopping online, only use a credit card or PayPal – it’s the safest bet. And keep close tabs on your statements – if anything looks out of the ordinary, call your credit card provider or bank immediately.
Keep it fresh
We all know that using quality passwords is essential – but it’s even more important when shopping online. Because of this, Sherry suggests you “use different passwords for every login you have to ensure your accounts are not compromised when you need them most.” If you’re not sure what makes a password good quality, check out our guide to crafting excellent passwords, and then change any passwords you’ve already created to make sure they are the best that they can be.
An even better option is to use a password manager app that will do all the heavy lifting for you. The best ones cost a bit of money, but they’ll keep you safe while saving you the hassle of remembering a billion different login credentials.
Stick with what you know
There will be a ton of deals from all over the Web flying around on Cyber Monday, and a lot of them will seem too good to pass up. If staying safe and secure is a top priority, however, you’re best off only buying from online stores that you know and trust. Sure, SuperCheapGadgets.com might have the best deal – but can you trust it? Don’t take a risk and find out the hard way, even if it means spending a few bucks extra for the peace of mind.
Shop from home
As tempting as it may be to pop into a Starbucks to get some online shopping done in the middle of your offline present buying, don’t do it. Public Wi-Fi connections are ripe targets for cybercriminals looking to steal buyers’ personal information. Instead, only shop online from an Internet connection you know and trust – preferably a home connection that’s protected with a good password.
Beware of eBay
When you’re in a rush to get all your shopping done on one day, it’s easy to forget to take extra precautions. This is especially true on eBay, where scammers can fool buyers directly with too-good deals. So don’t let your skepticism lapse just because you’re in a hurry. “Buyers should pay attention to the reputation of sellers,” says Joe Schumacher, a security consultant for mobile and cloud security company Neohapsis. “If you are buying from eBay, then look at the person’s rating and history before forking over hard-earned dollars.”When reviewing seller feedback, it’s important to note how many times the seller has been reviewed, especially recently. Power sellers with feedback in the thousands are usually a safe bet, but it’s also important to check how many negative reviews have been left. Most frequent buyers agree that unless the seller has tens of thousands of reviews, even a couple of negative reviews mean you should avoid them, especially in the last 6 months. If you’re buying a big-ticket item, it’s also important to check that no other auctions are running from different sellers using the same picture unless it’s specified that the item pictured is not the one that will be received. If you’re still on the fence, you can check a seller’s detailed seller rating (DSR) to see how well they were rated when it comes to the individual parts of a transaction, from purchasing to shipping.
Just because it’s Cyber Monday doesn’t mean that you should be required to hand over any personal information, like Social Security Numbers, that you wouldn’t otherwise need to enter when buying things online. So if a site is asking you to enter anything out of the ordinary, stop the transaction immediately. There’s no reason any online store needs more than your name, billing and shipping address, payment info, and perhaps a coupon code or two.
Use tracking updates
Finally, stay on top of all your tracking information. That way you know when a package is supposed to arrive, and when it actually does. If it’s not there when you know it should be, you can call the shipping company to report a theft. If you know you won’t be home the day an expensive package arrives, a lot of companies will let you ship it to your office. If that isn’t an option, you can order from a retailer with a brick-and-mortar location for in-store pickup, or if you’re shopping online, use the Amazon locker to protect your goods until you can get to them.