In the past couple of years we've heard announcements from several companies who have had their databases hacked and private customer information compromised. When this happens the data breached isn't always financial data, but nonetheless you still probably don't want your personal information floating around out there where it can be used by a malicious hacker.
Just last week Zappos.com, an online shoe retailer announced that they had been the victim of a cyber attack, and although credit card information hadn't been accessed, there was still plenty of private information compromised. As such they announced to customers that all passwords would be reset, and all users would have to choose a new password. They also suggested changing password information on other sites where similar passwords were used.
Not only is it a headache for the company when something like this happens, but the potential for identity theft and credit card fraud could be a huge liability for us as consumers.
So what can we do to protect ourselves from finding ourselves in a situation like this?
How To Protect Yourself When Shopping Online
There are a variety of ways that you can protect yourself from hackers, criminals and identity thieves when shopping online.
- Limit your exposure: The best way to avoid having your information compromised is to limit where you have it stored. The less places you save your information, the less databases you'll be in and the less risk you'll be exposed to.
- If the site looks fishy, stay away: If you've gone to a site and it looks a little risky to be shopping there, trust your instincts.
- Make sure you're checking out on a secure page: When you're checking out on an e-commerce site, make sure to look for the https:// in the url bar, instead of just http:// on the checkout pages. If the page isn't secure, avoid entering any personal or financial information.
- Avoid public Wi-Fi or hotspots when shopping or accessing financial data: When shopping online, try to avoid entering passwords, credit card numbers or other personal information when on a public Wi-Fi access point or hotspot. Yes, it's convenient, but it can also leave your data accessible to hackers in some cases. Also avoid financial sites like bank accounts, mint.com, adaptu.com or other aggregators. If someone gets your password for those accounts you could lose a lot of money, and you may have no recourse.
- Never give your Social Security number online: If you're shopping on a site and they ask for your social security number, it's probably a scam. They shouldn't have a need to use your social. The exception may be sites like TurboTax and other tax preparation software where you need to enter your number to file taxes.
- Check your credit reports and scores: Most people these days will do some shopping online. To make sure your data isn't being used in a negative way, make sure to check your credit reports regularly. You can get one free credit report from each of the credit agencies once a year through http://www.annualcreditreport.com. You can also check your free credit scores from free websites like Credit Karma or Credit Sesame on a regular basis. A drop in score could mean something is up.
- Use anti-virus and anti-malware software: Make sure to have a regularly updated anti-virus software installed on your computer, and make sure it is set to update on a regular basis. Also make sure that it's actually set to scan at regular intervals. My in-laws had the anti-virus software, but never updated it or scanned – leaving them vulnerable. When I did update their system we found they had a newer virus that it took me several hours to remove.
- Use a credit or debit card with protection: When shopping online make sure to use a credit or debit card with identity theft protection of some kind – just in case. Some credit cards also offer one time use credit card numbers. Use them!
- Be careful what you click on: When you're online use some common sense and don't click on links when you don't know the source of the email, social media message or e-card. All are ways that viruses are spread, so only open links from known sources.
- Use a third party payment system: Consider using a third party payment system like Paypal when buying things online to add an extra layer of protection – where your credit card information isn't stored with the retailer.
- Use strong passwords: Make sure to use strong passwords that include random numbers, capitalized letters and symbols. Avoid using family member names, pet names or the word “password”. :)>
When it really comes down to it you just need to use a bit of common sense, follow the guidelines mentioned above and be wary of where you're putting your personal information.
Note: If the worst case happens despite your best efforts, be prepared to follow through and know who to call in case your identity is stolen. Here's a identity theft checklist to walk you through what steps to take next.
Have you ever had your personal information stolen or compromised? What would you have done different? What steps do you take to avoid having your information stolen?