The Safe Way to Shop Online
I'm about to start spending a lot of time on the computer, doing most of my Christmas shopping online this year. What do I need to do to protect myself from identity theft?
The Monday after Thanksgiving is called "Cyber Monday" because so many people return to their offices after the long weekend and use their computers to start shopping for the holidays. And because so much money is changing hands online, it's also where many scam artists are going to reel in new victims.
The crooks continue to get more creative. Most people now know not to respond to random e-mails asking them to send money to Nigeria or open strange attachments that could expose their computer to a virus. But the next generation of phishing scams may not be so obvious.
Protect your identity. Even if a site looks legitimate, always type in the name of the Web site yourself rather than clicking on a link from an e-mail, which could lead you to a fake version of the site. And be careful of pop-ups from legitimate sites, too, which could send personal information to ID thieves.
Most importantly, make sure the Web site is secure: Look for the lock icon on the browser's status bar and a URL for a Web site beginning with https: on the page where you type in your personal information.
And remember that legitimate businesses don't send e-mails asking a customer to update personal information -- no matter how real the message may seem.
Watch out for "free" downloads, such as e-card sites and screensavers, which may include hidden spyware and adware programs that can monitor keystrokes, track Internet logins and transmit confidential information, warns Shane Keats, research analyst at the computer-security firm McAfee.
Scam artists are also sending Christmas cards that load malicious software onto your computer when you click on the attachment. Know the source before opening online cards.
And don't just limit your vigilance to shopping. Be careful of online charity scams, too. "They're creating pixel for pixel replicas of real Web sites, but they're made-up charities that sound official," Keats says.
Not only do you end up giving money to a fake charity, but also you may be giving your credit-card and personal information to a criminal gang in a foreign country. "You've given them the first building block to your complete identity," Keats says.
Before you give to any charity online, check it out at the Better Business Bureau's Wise Giving Alliance, and type the name of the charity in yourself in a new browser.
Protect your computer. Because scam artists keep improving their pitches, it's important to protect your computer even if you're very careful. Install anti-virus software and a firewall, and update them regularly.
Anti-virus software scans incoming communications that could contain malicious files, while a firewall protects both the inbound and outbound connections to your computer. Several companies also offer programs that help assess the security of Web sites.
McAfee's SiteAdvisor, for example, tests millions of sites and gives them a green, yellow or red safety rating. A site gets a red light if the test computers ended up with viruses, adware, spyware or unwanted programs after downloading from the site. Sites are also checked to determine whether they attempt to gain your personal information fraudulently, whether they have excessive pop-ups and whether their e-mail registrations lead to unwanted spam. For more information about computer-protection programs, see Protect Your PC.
For more information about safe practices for online shopping, see the Federal Trade Commission's 10 Tips for Smart Holiday Shopping Online. The National Cyber Security Alliance's StaySafeOnline.org site and the federal government's OnGuard Online site are filled with great information about protecting yourself when online, especially the 7 Practices for Safer Computing list.
Got a question? Ask Kim at firstname.lastname@example.org.