The holidays are approaching, which means it’s also the time of the year for identity theft, online tracking, and hacker exploits. Use these 7 tips to stay more private while you’re shopping online this season:
1. Beware of spear phishing
With so much of your personal information publicly available online through tracking, marketing, and social networks, it’s now easier for spammers to impersonate you. That means they can send more personalized—and thus believable—spam messages to you and the people in your contacts lists. These hyper-targeted schemes are called spear phishing, and they can happen in your email and on social networks.
You can spot spear phishing messages through these characteristics: they often appear to have been sent from someone you know and email often, may refer to the name of a person you both know (which they scrape from your contacts lists), and contain a link. Do not click the link! If you do, you may download a virus, a keylogger, or other malicious software that collects your sensitive information, including your credit card number.
If you receive a spear phishing message, report it to your email provider or social network and tell the person it appeared to come from. Monitor your bank statements closely to look for unfamiliar charges, especially small ones: fraudsters often test if a credit card works by charging less than a dollar. It’s also a good idea to scan your computer regularly with anti-virus software. Companies like Avira, Avast, and AVG have excellent free software.
2. Do the shopping cart trick to get discounts
If you know ahead of time that you want something, put it in your shopping cart but don’t check out. If you have an account on that site, many sites will email you with a discounted offer for that item (but you’ll probably have to wait at least a week). This trick works all year round, not just during the holidays.
3. Use a privacy tool to block online tracking
Trackers follow you across the web, collecting and selling personal information like the articles you read, your favorite sites, your Facebook friends, your buying habits, and the videos you watch to build super-detailed profiles about you. Companies use these profiles for things ranging from merely annoying, like targeted online ads, to scary, like determining your creditworthiness or hireability. The top 5 shopping sites in the US have between 14 and 18 different trackers on them.
Sometimes this data leads to price discrimination, also called “dynamic pricing,” where you’ll see higher prices than someone else for the same item. Earlier this year, the Wall Street Journal found that the travel site Orbitz was showing Mac users more expensive hotels than PC users in its search results. Price discrimination is legal as long as the price differences are based on reasonable business practices, like rewarding loyal customers, and not on the basis of protected categories, like race or gender.
Block online tracking for free with a browser tool like DoNotTrackMe to reduce the risk of unfair pricing.
4. Use a masked email when signing up for accounts on shopping sites
Many shopping sites require you to create an account with them to make a purchase, and they’ll often sign you up for unwanted marketing emails without your knowledge. Worse still, they may sell your email to dozens of other companies that they work with (or who are simply in the market for personal data).
Use a masked email to receive your important email confirmations, but block it later if you start getting spammed. Masked emails work just like normal emails, but they forward to the personal email inbox that you select, and you can make as many as you need. Then if your account on a shopping site is ever hacked, the hacker only has your one-use email.
5. Use a VPN to make sure your payments are secure
Stop hackers and insecure websites from getting your credit card information by using a Virtual Private Network (VPN) when you make your holiday purchases online. Using a VPN secures your connection to all the websites you visit, so think of it like HTTPS (those secure URLs designated by a little padlock in your browser’s address bar) for the entire web. Many VPNs are free and easy to use, like Hot Spot Shield or Private Wifi.
6. Scope out privacy policies
We know they’re dense and a pain to read, but especially if you’re making a major purchase, it pays to read the fine print. One trick is to skip through the policy until you find the section about how the retailer shares your information with third parties or affiliates. The more they share your data, the more likely you are to get spam from them in the future.
7. If you do get hacked, here’s what to do
If someone steals your credit card information or hacks any of your accounts, start by calling your bank and canceling the card. Then go down the list of sites where you’ve registered an account and change your password, starting with the most important ones that are linked to your financial information (like online banking, loan payments, or PayPal), your primary email account, and your social networks.
Immediately run a full system scan with anti-virus software (see our tip number 1 above for some recommendations).
Do not use the same password everywhere, or it’ll mean that one hacked account puts all your accounts at risk! Instead, use password management software or a password memorization rule you’ll keep in your head. Here’s a forget-proof password system we recommend:
Good luck bargain-hunting, and stay private!