Apr 26, 2016
Online shopping is a convenient way to find, compare, and purchase items in South Africa.
However, as security breaches increase and attacks grow more sophisticated, buyers need to take greater care with their personal and banking information.
Besides standard security precautions such as keeping your operating system, anti-virus, and browser up-to-date, you should also keep the following security tips in mind.
Watch out for scam specials
If you get a promotional e-mail from a retailer, even one you are familiar with, never click on a link – ever.
That’s the advice from Adam Levin, author of Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves.
Levin said two problems could occur:
The destination the link points to could contain malware used to steal your passwords.
You could be directed to a clone site that looks like the retailer’s, which is used to harvest your identity and credit card details.
Levin said shoppers must go directly to a shop’s URL and avoid following links from promotional messages.
Before using a store for the first time, Levin said buyers must read independent reviews to ensure the site is reputable.
Check the security certificate
Shoppers should always check an online store’s security certificate.
This can be done by clicking the lock icon next to the site’s URL in the address bar.
You can also take this a step further and test a site’s Transport Layer Security (TLS) using a tool such as the Qualys SSL Labs server tester.
Using public Wi-Fi or computers
While TLS helps protect against the dangers of unsecure networks such as public Wi-Fi, it is best to avoid shopping over public connections.
Similarly, users don’t know what software might be watching their activity on a public computer, so it is best not to use one when shopping online.
Another security mistake is using the same password on two or more Web sites.
This is to guard against an attacker only needing to get hold of a single password to get into multiple websites where you have registered accounts.
Saving billing information
If someone gets their hands on your password for an online shopping site and you have saved your credit card information, they might be able to buy items with your money.
Sites which save card and CVV numbers are prime examples.
Digital voucher codes or gift cards are a popular purchase among attackers in this instance.