According to Adobe Analytics, Cyber Monday sales in 2022 reached an astonishing $11.3 billion! With so many people, myself included, doing the bulk of their shopping online, it’s important to maintain safe online shopping practices.
I consider myself a savvy online shopper. I make sure I stick to trusted retailers, and I always use a credit card — but even I make mistakes sometimes.
Especially during busier shopping seasons — around the holidays, for instance — it’s easy to become complacent and fall prey to online scams. Whether it’s buying something on a fake website or buying something that is fake, there are several things you can do to help avoid fraud and scams when online shopping.
1. Only shop with trusted vendors
This is, by far, the most important safe online shopping tip.
Be very selective when you shop online. Don’t buy something from a store based solely on the cheapest price or free shipping or some other promotion.
Anyone can start a website, and sometimes scammers will make a fake site with unbelievable pricing. I know because I almost fell into this trap one summer when I was buying pool supplies. I didn’t buy it from a trusted vendor and the product never arrived — I had to go through my credit card company to refund the charge.
Check for complaints on the Better Business Bureau. Look for reviews on sites like Trustpilot and Google Customer Reviews. And finally, trust your gut as you navigate the website. If it looks off, don’t buy.
Also, if you’re buying through Amazon, double check the merchant. Many companies sell through Amazon, and you run the risk of buying something that’s not as advertised. Amazon should protect you in those cases, as should your credit card, but you want to avoid the hassle (especially if it involves potentially compromising your credit card).
Finally, when you do buy, make sure the website is secure. Look for a lock symbol in your browser (usually located in the address bar). This means the website has a valid SSL certificate and is encrypting communications.
2. Refrain from saving your payment information
Unless you buy from a website on a regular basis, don’t save your credit or debit card information on that website. Your information is less likely to be stolen or misused if you never save it.
If your credit card offers single-use credit card numbers or virtual credit card numbers, use those instead. With virtual credit card numbers, the information is only valid for one transaction. After one use, the number cannot be used again. Not all credit cards offer this, so check with your issuer.
If you have Microsoft Pay, which should be available on all devices, you can add your Ally Bank Debit MasterCard. Microsoft Pay can generate virtual numbers.
If your issuer doesn’t offer single-use credit card numbers, consider using a third-party payment service (such as PayPal or Venmo). They can store the credit card information and process the transaction on your behalf. The merchant doesn’t get your payment information.
3. Turn on transaction notifications
Most credit card issuers have a system that can notify you whenever it sees a transaction. I have all my cards notify me via email whenever there’s a transaction. That way, I know whenever there’s any suspicious activity and in the case of fraud, I can deal with it immediately.
I’ve had times when the email has reached my inbox before the server in a restaurant has returned with my credit card!
4. Avoid insecure devices
Much like shopping at reputable websites, avoid using “insecure” devices. Your phone and your personal computer are typically fine, but avoid places like a hotel business center or while you’re connected to a coffeeshop’s public WiFi.
You’ll likely be safe if you’re using an encrypted website (look for the lock) but insecure networks can record all your activity.
If you’re on public WiFi and must buy something, consider using a virtual private network (VPN) — if the site allows — to secure your communications. It connects your device to a secure location and encrypts your network traffic so no one can steal it out of the air.
In general, you should never type your username and password on a computer that isn’t always in your full control. Thieves can install keyloggers that collect everything that’s typed into a computer’s keyboard and use the information later to log into your account.
Finally, enable two-factor authorization on your financial accounts. Many banks and brokerages offer this extra security measure as a standard nowadays.
5. Check the return policy
I always research a store’s return policy. You want to know the terms for returning an item because sometimes what you buy won’t fit or doesn’t work as you expected.
How many days do you have? Is return shipping free? Will you have to pay a restocking fee?
If you can’t find a return policy, that’s a huge red flag. Every reputable retailer should allow you to return unused and unopened items within a set period of days, often 14 or 30 days. During the holiday rush, many may let you return it after the new year. At worst, in the case of many electronics, there may be a restocking fee.
Your credit card may also offer Return Protection. Return Protection covers you if you try to return an item within a certain number of days of purchase, usually 90, and the merchant refuses. The card may refund the purchase price, minus shipping and handling, with dollar limits per item and per year. Check your credit card’s website or your card’s Terms and Conditions for the exact protections because they vary from card to card.
6. Review your credit or debit card protections
By law, there are protections against fraud when you use your credit or debit card. For example, The Fair Credit Billing Act limits your liability on unauthorized credit card use to just $50 if you report unauthorized activity within 60 days. If someone steals your credit card and uses it without your knowledge, you are, at most, responsible for $50. Once you report the card missing, you should no longer be responsible for any subsequent charges.
Many credit and debit card issuers promote what’s known as $0 liability. If your card is used by someone else, you may not be responsible for any amount of the charges. Make sure to review your credit card and debit card agreements to understand your liability, as they can vary.
Debit cards have similar protections under the Electronic Fund Transfer Act (EFTA). With a debit card, you have 60 days to report unauthorized transactions starting on the date of the first statement with the transaction. If you report it in time, the EFTA limits your liability to $50. If you report your card missing, you are not responsible for any subsequent unauthorized activity.
Liability protection is only the beginning. Many cards offer other perks, such as an extended warranty. They might even double the manufacturer’s warranty up to an additional year. The credit card issuer will decide whether to repair or replace the item.
We recently used this perk to replace a hot water kettle after it failed just a month after the warranty expired. The credit card just reimbursed us the full price of the kettle since it was relatively inexpensive.
7. Install and update your antivirus software
If you’re careful about where you shop online and you’re careful about the devices you use, you’re 99.9% of the way there. My last bit of advice is to secure your own computer.
It’s easy to unknowingly install malware on your computer. The most effective way to protect yourself is to use an up-to-date antivirus software package. To be extra safe, buy a full security suite that includes features like a firewall, phishing scam detectors and other features.
Finally, run scans on a regular basis and ensure your computer is updated with the latest software.
If you follow these tips, you’ll be much safer when shopping online and better equipped to avoid any risks you encounter.
Jim Wang is the founder of personal finance blog Wallet Hacks. He uses his engineering background to demystify complicated financial topics to help you achieve your goals. Jim has been featured in The New York Times, The Baltimore Sun, Entrepreneur magazine, and more. He lives in Maryland with his lovely wife and three children.