5 Rules of Safe Online Shopping
Holiday online shopping has reached $22 billion, up 12 percent over last year, and it's not over yet.
But millions of tech-savvy shoppers are ignoring the advice of security experts for safe online shopping. More than half of people don't check for an HTTP connection before making a purchase and 50 percent don't look for the browser padlock icon that indicates personal information is being encrypted between the shopper and the site, reports a study of 2,600 online shoppers conducted by security firm Webroot.
"Through our survey, we learned that one in seven respondents has already become a victim of credit, debit, or PayPal account fraud this year," said Jeff Horne, threat research director at Webroot, in a statement.
Account information can be stolen from operators of a malicious site, cloaked as a legitimate e-commerce site. Identity theft can also take place over an unsecured public Wi-Fi network, and victims may never know theft has occurred until irregularities are spotted in bank statements or other financial accounts.
Rules for safe online shopping
- When you proceed to checkout, stop and take a look at the site's url in your browser's address and look for "HTTPS" at the beginning of the string. The "s" indicates sensitive data will be encrypted. "Never conduct a financial transaction on a website unless it displays "HTTPS" in the address bar," Horne said. "And on sites where the retailer uses extended SSL validation, look for the address bar to turn green on secured pages."
- Look for a padlock icon in the address to learn more about the site's security.If the lock is not to the left of the URL, and appears on the page itself, it does not designate any type of real security. When you click on the lock icon in the bar, it should bring up a window with security details.
- Avoid public Wi-Fi hotspots for online shopping. Hi-tech "sniffers" such as Firesheep can gather personal information from nearby computer transmissions, but people should be aware of low tech dangers as well. A crowded Starbucks can be an ideal location for thieves to steal passwords and account information from online shoppers oblivious to those around them.
- Don't save passwords in the browser. Use strong passwords that include letters, numbers and a special character if allowable on the site. Never use your banking password for any other site.
- Don't allow a site to save your credit card information; the convenience is not worth the risk.