Business & Economy Society & Culture

Holiday shopping should include online security steps

Athens, Ga. – Many holiday shopping lists include online purchases, but is that website safe for credit cards? A security proponent at the University of Georgia has some tips for secure online shopping for shoppers making their lists and checking them twice.

“Use your head when doing your online shopping this holiday season,” said Laura Heilman, a security awareness and education manager in the university’s Enterprise Information Technology Services office. “Do not shop on public Wi-Fi networks or on public computers. And, avoid making purchases directly through links in emails.”

Heilman suggests shopping online with a credit card, instead of a debit card.

“Credit cards tend to offer better consumer protection than your debit card if you are scammed,” she said. “Plus, criminals who have your debit card number can wipe out your bank account’s funds. You may be able to recoup part or all of the money you lose, but you will still have a major financial headache while you straighten things out. You may even want to consider purchasing a pre-paid card for your online purchases.”

Before shopping online, make sure the computer has been installed with all of the current updates of its operating system, Web browser, anti-virus and anti-malware software. Secure the Web browser by adjusting the settings to block pop-up ads and prevent cookies. When it’s time to log out, clear the cache on the Web browser.

And when it comes to shopping online with a smartphone, it’s vital to have security software installed. Smartphones are increasingly being targeted by malicious software and scammers. Also, use a password, pin or swipe pattern to unlock the device. This will protect private information in case the phone is lost.

Heilman suggests the following tips for shopping safely online:
• Stick to well-known and trusted merchants. Go directly to a merchant’s website to make an online purchase. If a website’s URL looks strange, such as Amazon.net instead of Amazon.com, or is misspelled, it may be a scammer’s website.
• When setting up an account or making a purchase on a website, be sure to look for the “s” in “https:” at the beginning of the site’s URL. That means the website is secured with encryption. If the “https:” isn’t there, it’s not a secure website.
• Click on the padlock icon near the URL in the Web browser’s address bar or in the gray status bar at the bottom of the page. Clicking on the padlock icon allows access to the website’s security certificate information. Keep an eye out for statements that the site is secure and the certificate has been verified by a trusted certificate authority, such as Symantec, VeriSign, Geotrust, Thawte, Comodo, GoDaddy or Global Sign.
• Look for the seal of approval from companies, such as Verisign, McAfee, Comodo or Trustwave that indicate the website has passed security and privacy tests. Also be on the lookout for endorsements from credit card companies and the Better Business Bureau’s seal of approval.
• Read the merchant’s return policy to ensure they provide a physical address and phone number, instead of a P.O Box and email address, in case there is a problem or the item needs to be returned. Print or take a screen shot of the order, as a record of the purchase.

And, if a deal sounds too good to be true, it probably is, Heilman said. “If you feel uncomfortable about buying from a merchant, even after you have checked them out, trust your instincts,” she said. “Go shop online elsewhere.”

The Office of Information Security at the University of Georgia has more information on identity theft and phishing scams available at infosec.uga.edu. The Office of Information Security is a part of the university’s Enterprise Information Technology Services. For more information, see eits.uga.edu.