In this age of
online everything, perhaps one of my favorite things is online shopping. I often say it was invented for men - most guys like myself don't get all too excited about hopping in the car, driving somewhere, and shuffling around a store trying to buy 1 or 2 things. With online shopping, from the comfort of where ever I happen to be at the moment, I can snag what I'm looking for and in most cases have it by the next day.
And during the Christmas shopping season, online shopping is the perfect tool for the consummate procrastinator - which I'm at times guilty of being myself. And speaking of shuffling around a store, what bigger pain is there for a guy like me than shuffling around a store with wall-to-wall glassy eyed Christmas shoppers?
It doesn't take an accounting genius to recognize that online shopping is
huge business. According to the statistics portal
Statista, retail e-commerce sales in the United States alone jumped from around
$42 billion in 2002 to around $210.6 billion in 2013. As one can imagine (or learn by simply watching the news), a considerable percentage of this revenue comes during the holiday season with popular shopping days such as
Cyber Monday and
Black Friday. As per the norm where big money is concerned, so comes the criminal element circling like hungry sharks waiting for the chance to feed on unsuspecting victims. The holiday shopping season is often the feeding frenzy time for these criminals.
Without question, online attacks and threats are nothing new. But with the ever-growing amount of private information being shared online for multiple reasons, with shopping being perhaps the most popular among them, I feel that it's important for everyone to have some basic guidelines and tips for navigating the waters as safely as possible. First off, one needs to know what to look out for.
Phishing
This particularly nasty (and actually pretty genius) form of threat typically involves legitimate - looking websites that trick people into sharing user names, password, or other sensitive information. The hope is that you won't realize you're not actually at "Bank of ____" 's website and will unassumingly provide this information. Then, they can use this to log into your real accounts and....well, I think you get the picture.
Online Scams
I often joke about how I actually don't need to work another day in my life, given the amount of money that has been entrusted to me by every Nigerian prince that ever (not actually) existed. I use GMail, and thankfully its filters work effectively enough to provide me with a very entertaining
spam folder. But as time goes by, these attempts grow more and more sophisticated. The FBI's
Internet Crime Complaint Center lists dozens of variants on email and online scams - from fraudulent automobile auctions to online dating schemes - in its annual Internet Crime Report. In 2013 alone, more than a quarter of a million complaints were submitted related to online scams. But hey - you're young and savvy. This is somewhat old news and you've warned your parents and grandparents, right? Well, consider this: one fifth of scam victims last year were younger than 30.
Massive Data Breaches
To be clear, my intent isn't to scare anyone away from Internet use. In fact, I'm often questioned about personal online safety and security. As I assist with explaining the risks and tactics to stay safe, I try to reiterate that these same risks have existed long before the Internet, often in greater proportion. I also try help people understand that the truly serious, "professional" hackers are not after
you particularly. The fact is, the vast majority of these individuals are very smart and aren't going to risk getting caught committing a crime over your personal information only, which may not amount to anything of value to them. Simply put - why risk jail time stealing one person's info when you have the same capability of harvesting tons more?
Recent hacks of Home Depot, Target and other major retailers have led to millions of credit card numbers being compromised. Hackers turn around and sell these numbers and information on a black market to anyone who might be willing to buy them. Sometimes, these numbers and forms of information aren't directly tied to individuals but can instead be used to establish fake identities that can be used to harvest hundreds of thousands of dollars in credit, which has a damaging affect on the overall consumer market.
So with these and other threats out there looming, just how do you protect yourself? First and foremost - DON'T BE PARANOID. Truth be told, throughout the years I've serviced many PCs that had crashed due to people doubling up on anti-virus this or that, every other firewall, and multiple anti-malware packages. Just remember, the Internet isn't "out to get you". Instead, employ a bit of vigilance -
- Look carefully at any website you're considering purchasing from. Be on the lookout especially for poor spelling and grammar.
- Look for incorrectly placed characters - for example, a zero (0) placed where and O should be such as "Home Dep0t".
- Be especially careful when bargain hunting. A website selling a brand new iPhone 6 for $200 is more than likely not a safe place to provide personal information to.
- Pay attention to website names. Remember - all websites reside in "domains". The most common of these domains is the ".com" domain. This domain stands for "commercial", thus most of your trusted retail sites will have this domain suffix. For example - if you're trying to purchase something online from Walmart, yet the website reads something odd like "www.walmart.krq", don't proceed!
Another effective tool is two-factor authentication. Most major banks nowadays (mine included) require this when you first log in from a computer that you have authenticated or added to a trusted device list. This often works by the institution sending you a text to your phone number on file, or an email to your email address on file. After entering this number you are usually prompted to register the device you're on (if it's your personal device that you plan on accessing with in the future), or to just activate for one time use (if it's a device that you're using just once - i.e. you're using a computer at your Public Library). This particularly effective in a case where your user name and password may have been stolen. As for email accounts, Google takes this a step further with
Google Authenticator .
These tips should help you protect your personal data by being mindful of your online activity. But what about those merchants your choose to do business with? After all, what happened with the likes of Target and Home Depot was not due to any fault on the consumers' part. Don't be afraid to ask these merchants exactly
HOW they are storing your customer data. Some may do so in-house, while others do so on
secure servers. And if you know of a start up merchant who is looking for a secured solution, please don't hesitate to provide this information to them. After all, malicious online activity does not only hurt the consumer, it can also cause permanent damage to a merchant's reputation.
Overall, don't be afraid to swipe up some good online deals. Don't be paranoid by shopping online - I do a large percentage of my shopping online. But please be mindful of what sites you're visiting. If things look somewhat odd, chances are something is wrong - trust your gut instinct. Try to stick to reputable, well-known sites like
Amazon. But most of all, have fun and enjoy this holiday season!
Do you have any online safe shopping tips? Please feel free to share below!
