15 Top Tips for Safer Online Shopping 

It’s the holiday shopping season! (In case you haven’t yet heard. Ha!)

For some, the task is already done, and the presents are on their way to their house or may even be already wrapped. But, for others, the pressure of the looming deadline is kicking in and all shopping (probably online!) still has to happen.  

Before you whip out your credit card while sipping the latest delicious special at your favorite coffee shop, read our list of top tips for keeping your data safer while shopping online. 

1. Stick to Trusted Retailers:

  • Start by choosing reputable websites with a strong track record of security and privacy. Research retailers before making purchases and check for reviews or certifications that demonstrate their commitment to data protection.
  • Recognize signs of secure websites like those withhttps” in the URL and a padlock icon in the address bar.
  • Some will ask, “does this mean I shouldn’t use a retailer I found on Facebook?” Well, probably, but if you still want to use that retailer, just use the tips below to try to ensure your data safety.
Top retailer logos
https with check vs http with X

2. Check Site Security: 

  • Investigate a retailer’s privacy policy and terms of service to understand how they collect, use, and store your personal information.
      • (I know, you’re thinking, “Who actually reads those things??” But, it is definitely helpful – and sometimes shocking – to learn how the websites use the data you input into their systems.) 
  • Be wary of websites with unclear or overly permissive policies. Sometimes they are quite upfront about the fact that they are going to sell your data to the highest bidder! Other times they are super vague about how they safeguard your data. Either way, close that browser window immediately and search for that cool item elsewhere if either of these things are true. 
  • Before entering any sensitive information, ensure the website uses HTTPS (Hypertext Transfer Protocol Secure), indicated by a padlock icon in the address bar. HTTPS encrypts all data transmitted between your computer and the website, preventing interception by third parties. 

3. Create Strong, Unique Passwords: 

    • Use different passwords for each online account (yes, EACH), and ensure they are lengthy (like over 16 characters), complex, and hard to guess. Avoid using personal information or common phrases. NO using birthdays, anniversaries, kids’ birthdays, dog’s name, etc. 
    • Consider utilizing a password manager to create and store strong passwords securely.  
    • There are several options now that make it so that you only have to remember ONE (1) password, and the password manager will create a unique password for every account. Password managers are a great option and much safer than just changing your password from BobbyJoe321 to 321BobbyJoe! 

4. Avoid Entering Sensitive Information Unnecessarily: 

    • Unless absolutely necessary, refrain from providing sensitive data such as your Social Security number or driver’s license number unless it’s genuinely required for the transaction. Exercise caution with sharing birth dates, addresses, or phone numbers as well. 
    • It’s nearly unheard of for a website to request anything more than the last 4 digits of your Social Security number, so be extra wary if the whole number is requested. 
    • Unless you are buying alcohol or tobacco, and the law requires age verification for purchases, almost no website will request your full birthdate.  
    • Many websites now will ask for your phone number to “give you an extra X% discount on your order today.” Typically, this isn’t more than 10%, so you must weigh whether that 10% savings is worth the text message advertising you are signing up for by entering your number. Plus, every place you add your personal data makes you just a little bit less safe online. 

    5. Avoid Shopping on Public Wi-Fi: 

      • Refrain from making purchases on public Wi-Fi networks (I.e. coffee shops, fast food restaurants, hotels), as they are often less secure.  
      • Not only are they typically much less secure, but they are also places that would-be thieves like to set up to catch credit card numbers as they are transmitted over the open network.  
      • If it’s unavoidable to use public Wi-Fi, then use a VPN to encrypt your traffic and protect your data.  

      6. Use A Virtual Private Network (VPN): 

        • A VPN encrypts your internet traffic, making it more difficult for hackers to intercept your sensitive information. 
        • A VPN is particularly crucial when using public Wi-Fi networks. 
        • There are many options today to add VPN software to your laptop or mobile phone, and, after installing it on your device, it’s a simple click to start running the VPN before you make your purchases. 

      7. Enable Two-Factor Authentication (2FA) [also known as Multi-Factor Authentication (MFA)]:  

        • Whenever possible, enable 2FA for your online accounts, which adds an extra layer of security beyond just passwords.
        • 2FA requires a second verification step, such as a code sent to your phone, to log in, or using an authenticator app to generate a code for logging in. 
        • Just in case you forget to use a VPN and a hacker gains your login credentials for your bank account, if you have enabled 2FA on your bank account, then the hacker cannot get through that final step in the login process. Plus, you are immediately notified of the failed login attempt.
        • It is the best practice to enable 2FA on ALL accounts where it is offered. 
            2FA graphic

            8. Be Careful with Payments: 

              • Opt for safer payment methods like credit cards, which often offer fraud protection. 
              • If using debit cards, consider enabling additional security measures like two-factor authentication (2FA) to your bank account login.
              • Often banks offer temporary or masked numbers for using debit cards online for shopping. This provides an extra layer of protection between would-be thieves and your bank account.
              • You can also enable text notifications for all charges over a certain amount, or even for all transactions! This way you know immediately if a fraudulent charge has been made and can take steps to stop it. 

            9. Install Security Software: 

              • Install and keep anti-virus and anti-malware software up to date to protect your devices (including mobile phones) from online threats.
                  • “Up to date” means updated daily, NOT weekly. It’s a good practice to make sure to check that your software has been updated before starting a shopping session. Ideally, your security software is set to check for and install updates automatically.
              • Consider using a firewall to block unauthorized access to your computer. 

            10. Regularly Review Privacy Settings: 

              • Review privacy settings on your online accounts and adjust them to your desired level of protection.

            11. Be Vigilant for Phishing Scams: 

              • Be cautious of emails or text messages claiming to be from retailers, as they might be phishing attempts to trick you into revealing personal information. 
              • Always verify the sender’s email address and website URL before clicking on any links or providing any sensitive data.  
              • Better yet, instead of clicking on any link in an email or text, open a browser window and type in the website URL address yourself (I.e. bestbuy.com or amazon.com) to make sure you are going to the correct website and not a hacker’s spoofed (fake) site! 
            hacker phishing via email

            12. Monitor Your Accounts Regularly: 

              • Keep a close eye on your financial accounts and credit reports for any unauthorized activity. 
              • Report any suspicious transactions promptly. 

            13. Opt for Privacy-Focused Services: 

              • Consider using online payment services that prioritize privacy, such as those that offer options like temporary card numbers or masked card information. 

            14. Consider Using a Privacy Browser: 

              • Utilize privacy-focused browsers or extensions that block trackers and protect your browsing data (I.e. DuckDuckGo, Brave, Firefox, Ghostery, etc.). 

            15. Clear Cookies and Browsing History: 

              • Regularly clear cookies and browsing history from your browser to reduce tracking and protect your privacy. 
              • Most websites now ask for you to select your cookie settings from their site before proceeding to use it. Selecting only those that are “required” is the best choice, rather than “all.” Yes, it takes an extra click or two to make that change, but it is definitely worth it for your data security!
            clear history, clear cookies, clear cache options


            Whew! That’s a lot of tips. You might ask if there is anything left off of this list, and the answer is yes, there are additional steps you can take. However, this list will go a long way to improving your security when shopping online this holiday season (or anytime!).  

            Something else to note: your employees are typically doing holiday shopping from their work computers/laptops, and every unsafe click they make opens your network up to potential cybercriminals.

            PCA Technology Solutions offers training to our client’s employees to help you keep your network safe. You’re only as secure as your weakest link, and that is most often an uneducated employee! Contact us today to ask how we can help secure your business’s data and network. 

            Need help?

            Do you need a consultation regarding your business’s technology needs? Contact us to learn how PCA Technology Solutions can partner with you to help you reach your business goals.