From 1994, when the first online transaction took place, to recent years, when almost two billion people shop online annually, e-commerce developed into a trillion-dollar industry. The coronavirus pandemic accelerated its growth and led more people to shop online. In June 2020, e-commerce platforms worldwide reached a record of 22 billion visits. With the holiday shopping season nearing and imminent lockdowns coming, the number of online shoppers and the volume of online purchases are expected to grow even more. Shoppers are turning to e-commerce platforms not only for fashion and tech, as they used to in previous years, but also for groceries and everyday items. In the United States, 42% of the population bought groceries online in 2020. On a global level, it is expected that 63% of the world’s population will shop online by 2025, according to Statista.
Online shopping: cyberthreats
While the advantages of online shopping are clear, privacy and security risks are less known. Online shoppers are often targeted by cybercriminals, especially during the shopping season. Caught up in the shopping frenzy and rushing to get the best deals, online shoppers might overlook the warning signs of online scams. Cybercriminals attempt to steal personal data, login credentials, or spread malware. The most common cyberthreats are phishing, data theft, and spam.
Phishing is the most common cyberthreat online shoppers face. Phishing scams spread malware through malicious URLs spread via fake shopping sites, email, or direct messages. In the past years, Avira’s Protection Labs have been detecting peaks in phishing attacks between October and December, and the number of malicious URLs is expected to increase by at least 15% compared to the annual average by the end of November.
Attackers can easily intercept transactions if the online shop does not use encryption or can add malicious scripts, such as keyloggers, to access credit card details given in the checkout form. Just a few months ago, 2,000 online shops using an older version of Magento were hacked. Magento, a popular open-source software for online shops, powers more than 100,000 online stores. The e–commerce platforms that failed to keep up with the Magento software updates were an easy target for hackers.
In the rush to get discounted products, many online shoppers skip reading the terms and conditions. If you quickly agree with all the terms, you might allow the shop to share your data with business partners, advertisers, and other organizations. Besides giving up your data, you also become a target for spam. Without realizing it, you allow many other businesses to contact you and send offers, and your inbox might soon get clogged.
Tips for safe online shopping
1. Shop from trusted vendors
Chances of getting scammed are lower if you shop on reputable e–commerce platforms that you know and trust. However, make sure you are accessing the right online shop. A typo in the address bar might take you to a fake site that looks similar to the one you’re looking for, but it’s actually a site meant to steal your personal data. Setting up fake sites is one of the most common phishing scams.
2. Watch out for phishing scams
Phishing comes in many forms: fake sites, emails with phishing links, posts on social media promoting deals that are too good to be true. When a deal sounds too good to be true, you need to be vigilant and carefully check all the details. Scammers often use time pressure to convince shoppers that they need to purchase the product immediately, without checking the fine print. Learn more about how to prevent phishing attacks.
3. Vet new online shops
If you do find a great deal available in an online shop you’ve never heard of before, take some time to do a quick background check. Make sure the site uses a secure HTTPS protocol. Second, inspect the site’s SSL certificate to ensure the site is legitimate.
Every secure site that uses encryption has an SSL certificate. To view it, click on the padlock icon in the address bar. In Chrome and Safari, click on View certificate. In Firefox, click on Connection Security and then on More information. The name on the certificate should correspond to the organization that owns the site, and it should be issued by a trusted authority, such as VeriSign, Thwate, Entrust, Symantec. You can look up the name of the organization that issues the certificate if you have doubts.
4. Avoid using public Wi-Fi
Public Wi-Fi is inherently unsafe, and you should generally avoid using it for any activities. However, for online shopping, online banking, and other activities that involve sharing sensitive data, such as credit card details, you shouldn’t ever use public Wi-Fi. While it might be convenient to shop on the go, remember that cybercriminals can easily intercept your data if you use public Wi-Fi.
5. Use a VPN
If you have no other choice than to use a public Wi-Fi connection, you should secure your connection with a VPN. A VPN masks your IP address and creates a tunneling protocol between your local network and the server you are trying to access, encrypting your data in transition. Other users and even the Internet Service Provider won’t be able to track your activities if you secure your connection with a VPN.
In addition to enhanced security and privacy, there’s another key advantage of using a VPN for online shopping: you might get better deals. You could choose to buy the items on your shopping list from a different country, where prices are lower, or even get access to deals that are not shown in your area. Avira Phantom VPN gives you access to more than 150 locations worldwide.
6. Set dedicated passwords
As you need to register and create a profile in each online shop, the temptation to reuse passwords is high. Don’t fall prey to it — take the time to set a unique password for each of your accounts. If you run out of ideas for unique passwords, use a password manager. Avira offers a free Password Manager that helps you generate unique passwords, impossible to hack. You can save as many passwords as you like and log in instantly to all your favorite shops by remembering only one master password.
Some shops also give you the option to log in with another account, such as your Facebook or Google account. This might seem easy and convenient, but you should remember that by doing this, you give access to your public profile, email, maybe even your contact list. To limit the amount of personal data you spread online, it’s best to create separate accounts for each service you use. With a password manager, keeping all your accounts organized will be a breeze.
7. Pay with credit card
Use a credit card instead of a debit card. If your card details fall into the wrong hands, at least you won’t give attackers access to your bank account. As credit card fraud is, unfortunately, very common, credit card owners are not liable for fraudulent purchases. You can also consider a virtual credit card, with a temporary card number that attackers won’t be able to reuse.
Tools to help you shop safely online
There are plenty of tools that can help you stay safe online, and Avira provides them for free. We believe that security and privacy online are rights, not privileges, and strive to provide the best protection for users worldwide.
Avira Free Security protects you from all forms of malware: spyware, ransomware, keyloggers, adware, and more. With a highly efficient use of system resources, our antivirus offers complete protection without slowing down your device.
Avira Safe Shopping is a free browser extension that blocks ads, phishing sites and helps you keep your online activities private by preventing advertisers from tracking you. That pair of shoes you once checked out won’t follow you all over the internet.
If you are looking for a complete solution for privacy, security, and performance, Avira Prime is a perfect choice. Avira Prime brings together our award-winning antivirus, VPN with unlimited traffic, Password Manager Pro, and many other tools to enhance your devices’ performance. And one more thing: one subscription covers five devices, so you can protect your PC, tablet, and smartphone, or even share the benefits of Prime with family and friends.