5 tips for safe online holiday shopping

Posted at 5:43 AM, Dec 03, 2015
and last updated 2016-08-31 12:05:37-04

Online shopping is big business, especially during the holidays. More and more consumers across the world are going digital to purchase goods, particularly in countries where e-commerce is really taking hold over the way people shop.

According to a collaborative study — published by the OC&C Strategy Consultants, PayPal and Google— online retail markets in the U.S., U.K., Germany and China will double to $976 billion by 2018.

Unfortunately, the rise in online transactions has caught the attention of cybercriminals who are keen to exploit individuals attracted by convenience and affordability that make the Internet such a compelling place to be.

With that in mind, ESET’s cybersecurity researcher team put together five top tips on how to stay safe and secure when shopping online.

1. Stick with trusted brands that have a strong reputation— but also be aware of fake big-brand websites and emails.

Sticking with popular brands is good advice when shopping online. Not only do you know what you’re getting in terms of quality and price, but you can also expect these well-established names to have robust security measures.

However, be careful, as fraudsters often create fake, professional-looking websites to lure in unsuspecting victims. Their efforts can be quite remarkable, as researchers at Google and the University of San Diego found last year. They observed high-quality phishing sites are so effective that they have a 45 percent success rate at extracting data. For average-looking fakes, that figure drops to 14 percent. Also, be careful of phishing emails, which replicate big brand names and ask you to do things like “click to verify your order” or “authenticate your credit card.” If there are any red flags, call the retailer, or sign into your account through a new window. Take this clever phishing email quizto test your knowledge!



2. Use credit cards and secure payment services instead of debit cards.

As a general rule, credit cards, in comparison to debit cards, offer consumers additional protection when shopping online. The main advantage is that a credit card account is in no way linked to whatever funds you actually own. And that’s not all:

“Unlike debit cards, credit cards may have a limit on the monetary amount you will be responsible for paying if your information is stolen and used by someone else,” explains StaySafeOnline, a National Cyber Security Alliance initiative.

Using secure online payment services, like that offered by PayPal, is also advisable. The advantage with these providers is that they act as a middleman, whereby you deliver payment to them and they pass it onto the retailer. Your bank details always remain unseen.

3. Look for HTTPS and the padlock symbol.

HTTPS is an online safety protocol that encrypts information so that data can be kept private and protected. The “S” stands for secure. In most cases, the text in the URL is preceded by a padlock symbol (if this is missing, the website should be treated with caution).

Websites that use HTTPS are safe because they utilize SSL (Secure Sockets Layer) to encrypt any information that is distributed online, such as your credit card details. Banks, retailers and others use encryption during your transaction to keep your information out of the hands of cybercriminals.

For additional safety and peace of mind, use Internet security software – some offer banking and shopping/payment protection to help prevent thieves from grabbing your data.

4. Be wary of dodgy offers that are too good to be true.

We’ve all come across a legitimately unbelievable offer and jumped on it with enthusiasm, glad to have the opportunity to purchase something at a fraction of its true cost.

But that is rare. The old adage “If it’s too good to be true, then it probably is” should inform how you shop online, because there are plenty of scamslooking to hook you in with tempting offers. In some cases, the perpetrators are looking to simply infect your device. The more reliable the brand and the more secure the URL, the more likely it is that it’s authentic. If not, then walk away.

5. Opt for your mobile phone network over public Wi-Fi.

Public Wi-Fi is something we’ve come to expect. From shops to cafes to restaurants, being able to access the Internet with little or no cost is in tune with our connected way of living.

However, when it comes to buying online, the convenience of public Wi-Fi can be overshadowed by the many risks that are associated with this service. You’d be surprised at how unsecure many hotspots actually are and how easy they are to attack.

There are ample solutions to resolving the vulnerabilities associated with public Wi-Fi, but, in general, when out and about, opt to use data provided by your network provider when going online.

For over 25 years, ESET® has been developing industry-leading security software for businesses and consumers worldwide. With security solutions ranging from endpoint and mobile defense to encryption and two-factor authentication, ESET’s high performing, easy-to-use products give users and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real-time to keep users safe and businesses running uninterrupted. For more information, visit