From 2002 to 2011, online e-commerce sales have quadrupled to $256B, and an estimated 47% of consumers purchased their holiday items online in 2011. These numbers have been trending upward for over a decade and you are probably one of those online shoppers if you’re reading this article. This howto explains how you can be a safe online shopper.
First, The Basics: Computer Security
Safe shopping starts with a safe computer. First, use a current Web browser that is fully patched. Don’t use an old browser. IE 6 users, I’m looking at you! Microsoft has an up-to-date, modern browser in Internet Explorer 8 and of course there are many, excellent alternatives such as Firefox, Chrome, Opera and Safari.
Next, ensure your antivirus software (AV) is up to date on your computer. Out of date virus definitions and/or AV engine can sometimes be just as bad as no AV program. And if you don’t have antivirus, then drop everything and get something installed ASAP. If you’re unsure, just ask your friendly neighborhood geek. Ideally, your AV program should also detect and clean up spyware and malware.
Last, don’t share your computer. Why? Because personal information such as names, addresses, what sites you’ve visited, and potentially even payment information like credit card numbers, can get lodged in little caves on your computer with techie names like cookies, files and caches.
If you must share your computer, it should only be with your spouse/significant other. And even then, it’s best to set it up to use different user accounts.
The absolutely strict rule on computer use is not to use a public computer to shop online. Pretty much, you should think of a public computer in this way: "Don’t touch it, you don’t know where it has been!"
Beef Up Your Browser’s Security
When you’re surfing the Web, it’s almost impossible to tell just by visually examining a site whether or not it’s dangerous or run by a dishonest operator. Luckily there are tools to tell us – while we’re surfing – if those sites are (or are potentially) dangerous.
Two top extensions for your browser are WOT (Web of Trust) and McAfee’s SiteAdvisor. These are available for Firefox, Chrome and IE. WOT also offers a bookmarklet for Opera and Safari. You may also go directly to their respective websites to punch in a URL/domain name to see if they (the questionable sites) have any black marks on their record.
Evaluate the Vendor’s Website
Many online shopping websites sport 3rd-party certification-like images such as those from BBB and TRUSTe. Be a bit wary of those, as it is very easy for vendors to include the logos/images on their websites without actual certification.
Ensure the vendor is actually listed in those certifying databases – a good test is that the image/seal is clickable and takes you to their profile page on the 3rd-party certifier’s site. However, also keep in mind another unlikely but possible scenario: the vendor can become certified then decide later on to turn to unscrupulous practices.
Next, check that they have disclosures and policies listed on their website. In particular, look for privacy, shipping, return, and refund policies. Vendors that don’t have these scream amateur or worse, scam. Yes, I know you’re not going to read them end to end, but at least skim them. Please.
Last, they should have a phone number and a real mailing address listed on their website. Try calling the phone number and just say you wanted to see if they were legit. At best, you might get a laugh. At worse, you’ll find out it doesn’t work and/or it goes to voice-mail.
Be a Detective: Find Dirt on the Vendor
Still not sure about the vendor? Well if they’ve been around for more than a few weeks, there’s an excellent chance that someone has used them and has had a few choice words about them.
The first and easiest method is just to use your favorite search engine to see if any bad comments have bubbled up to the top. If that fails, and/or you want some more evidence, good or bad, try checking sites like BizRate, Google Shopping, and Amazon (if they’re listed in the Amazon marketplace). Read some of the customer comments and you will notice a pattern. Reputation matters in the online world just as it does in the real world.
If you’ve never heard of the vendor before or seems like they’re a small outfit, I tend to favor ones that use Google Checkout, or some other independent payment processing service, so that at least there’s another buffer who I can turn to in case the vendor turns out to be flaky.
Despite all of these warnings, don’t be completely scared off by small companies. Sometimes, you get a much better experience with them because they’re hustling harder than their giant brethren to win new customers. I know I’ve found some amazing deals from small vendors over the years.
Beware of Scams & Too-Good-To-Be-True Prices
This is especially true in the high-end software market where in-demand, but expensive titles are pirated, just copied and sold at highly discounted prices.
One quick way to tell if a price is suspect is when you see a number of reputable vendors selling the product at about the same price, give or take a few percentage points, but then there’s an outlier that is selling it for 20% or more less than the average.
If you still can’t get that ‘great deal’ out of your head, then send the vendor an e-mail and ask them directly how their price is so low. Their response (or lack thereof) will tell you a lot as to their credibility.
Purchase and Checkout
So you’ve done your homework on the vendor and you’re ready to whip out your credit card and pull the trigger. Here’s what you need to know.
First, buy using a credit card (not a debit card) with a written policy of allowing you to easily query questionable charges (most do). Using Paypal is another decent option particularly for items purchased off eBay, less so for items purchased on other sites, but they at least have a mechanism to allow you, the buyer, to lodge a complaint and have it investigated.
When you hit the checkout page (where you enter your payment information), ensure that the URL, aka the Web address, starts with ‘https‘. Note the ‘s‘ – it really stands for ‘secure’! Also, look for a little lock/padlock symbol. Modern browsers all have this as a visual indicator (usually to the right of the Web address) that you’re on an SSL-secured page.
What this all means is that when you submit your credit card or payment information to the vendor, no one else in the middle on the Internet can read it. Please note that this does not mean that the vendor can’t run off with your money; it just means there’s very little chance someone else will.
Next, don’t ever submit your Social Security number or your bank account number. Honestly, why would an online vendor need that? Does Starbucks ask you for your SS# when you buy a latte? They only need some basic information: name, address, phone # and credit card information.
If you’re really concerned, check with your bank to see if they offer one-time use credit card numbers. Bigger companies like Citibank, Bank of America and Discover offer this service.
If you need to create an account with the vendor, use a throwaway password or at least one that you don’t use for important functions like banking and e-mail.
Save and/or print the order confirmation page just in case you don’t get a confirmation e-mail.
Finally, review your credit card statement the minute you get it to ensure that you were charged exactly what they said they would charge you. Better yet, log into your credit card account online and check it immediately. You might have to wait an hour or up to a day or two in case your credit card company is stuck in the 90s.
Hopefully everything goes smoothly and in a few days, you’ll get a box on your doorstep with a shiny new gadget packed safely in there. But if not, what do you do? Well, it’s tough chasing down these nefarious vendors, but try the obvious. Send them an e-mail. Call them. You can even file a complaint with the FTC, and/or with the BBB.
When all else fails, be conservative in your judgment. If a site looks dicey or your Spidey-sense is tingling, then don’t take the risk. Of course, that doesn’t mean if you don’t like Amazon.com for one reason or the other that they’re unsafe. That’s similar to not liking Walmart. You may
detest have your reservations about them for some reason, but it doesn’t mean they’re about to run off with your money.