Keep Your Online Shopping Safe

October is National Cybersecurity Awareness Month

October is National Cybersecurity Awareness Month. That makes it a good time to do two things—make some suggestions about keeping online shopping safe and highlight some useful resources on the National Cybersecurity Alliance website.

A recent Marist poll shows that 76% of US consumers shop online, with 25% of them doing so at least once a month and 16% of us shopping online at least once a week. That’s a lot of transactions, a lot of money! It’s worth some specific attention to how to keep online shopping as safe, and therefore as enjoyable, as it should be.

First, there’s the universal recommendation to keep your accounts safe. If you use a password manager and use it to create strong passwords, that’s the single most important step. However, password managers save existing passwords, so many of the passwords stored there are probably not strong. Moreover, they may be compromised as a result of past security breaches. Here’s some good advice to make the situation manageable for those of us who have tons of accounts at mostly free content sites all over the web.

Triage your accounts and be sure at least the most important ones are protected. Email accounts are sensitive because of the amount of information contained in emails. Obviously banking accounts are sensitive—in fact all financial services accounts should be considered sensitive. So should any accounts where transactions are completed—retail accounts for example. The Cybersecurity Alliance lists social media accounts as sensitive. That depends on how worried you are about accounts being hacked and transmitting false information. That’s more likely to be embarrassing than financially damaging, and I suggest concentrating on all sites where you could incur a monetary loss. On those, implement strong passwords at the very least with multifactor authentication being desirable.

Once all transactions accounts are protected, here are other good tips for safe online shopping:

  • Shop at trusted sites. Be sure the site uses the https prefix. If the site is new but interesting, do research. Look at the content of the site and pay attention to reviews or other customer testimonials. Search the name of the site online to see if there are unfavorable posts or news about it.
  • Paying with a credit card is the safest option.
  • Provide the least information possible and never give permission for a retail site to store your credit card number.
  • Be especially careful when shopping on a mobile device. Be sure you are on a secure network and that the accounts being used are secure, including multi-factor authentication.

The National Cybersecurity Alliance website has a good post about online shopping with additional tips and links to other posts. One thing they stress is the use of a passphrase instead of just a password. “I love country music” is the passphrase example they use. Here’s a nice straightforward post about the advantages of a passphrase over passwords. Yes, the phrases are longer, more secure and can generally use spaces and special characters. However, the user is then back in the same position—needing a unique, secure passphrase for each important account. That is another big vote in favor of the simplicity as well as the security of a good password manager.

While you’re on the Alliance site, check out their Resources Library. At the moment, a week into Cybersecurity Awareness Month, the highlighted resources and posts on their blog tend to be skewed toward business issues, a good reason for business owners to check them out. Overall, they provide balanced coverage of consumer and business issues and it’s an excellent site to follow.

Their slogan of Stop. Think. Connect™ is a good one to follow year ‘round! welcomes thoughtful comments and the varied opinions of our readers. We are in no way obligated to post or allow comments that our moderators deem inappropriate. We reserve the right to delete comments we perceive as profane, vulgar, threatening, offensive, racially-biased, homophobic, slanderous, hateful or just plain rude. Commenters may not attack or insult other commenters, readers or writers. Commenters who persist in posting inappropriate comments will be banned from commenting on