Whether you’re a 23-year-old diva shopping on Zappos for silver ballet flats, or a 52-year-old engineer purchasing semi-conductors on Buy.com, you need to know how to protect yourself in the big bad world of Internet commerce.
In an effort to consume everything under the sun, from the latest techno gadgets to household items and corporate supplies, and do it all in less time for less money, consumers everywhere are going online to buy the things they need, making the Internet the most profitable (and dangerous) place to do business.
This presents an obvious conundrum. With bored preteens, desperate criminals, and unsavory crackers everywhere trying to make a quick buck by stealing your data, what does a weary shopper do to separate themselves from the billions of potential theft targets wandering the Internet?
The short answer is: “nothing.”
But before you start unplugging your computer and chucking your Internet enabled cell phone into the fireplace, contemplate this…how different is virtual life from the real thing? Sure you can walk down the street carrying a can of mace or pepper spray; still, is that really going to stop an assailant armed with a 9mm pistol concealed inside his or her jacket? No, of course not. But stopping crazed criminals is not the point of commercially-available personal protection devices. The point of things like pepper spray is to keep the crazies and “small-time” crooks at bay. No one expects pepper spray to stop a big-time mobster.
The bottom line: even if you keep all your money in the bank, the bank can still get robbed. Always remember your information is never nor will it ever be “theft proof;” it’s just harder to steal than that of the people next to you…when you follow these 5 tips:
A good rule of thumb when shopping online is to “look around the shop,” much in the same way you would look around a normal store. Imagine you walk into a tiny run-down shop with frayed wires and power lines coming out of the top in every which way. You walk inside and notice the “ATM” machine is an old arcade machine with a screen, buttons, and a card reader in it, identified by a wooden plank draped over the top of the machine with the letters “ATM” burned into the wood.
This is most likely not someplace you would use your ATM card. The same applies online.
Try to buy from brand name vendors you trust (Newegg, Amazon, etc.). Look around the site and make sure the site at least looks professional. Check to see that the domain is the same one you visited in the first place. For example, if you go to “lamps.com” and when you click to buy, the URL at the top of your browser no longer reads “www.lamps.com,” but now reads “lamps.mylamps.com,” the discrepancy could be a tell-tale sign of phishing, and completing the transaction could lead you right into the hands of an identity thief.
2) Check to see if website supports SSL or “Secure Sockets Layer” (i.e. look for the little yellowish-brown lock in the bottom right-hand corner of your browser)
One of the easiest and most common methods used to steal data online is to steal it before it gets to the website from which you are buying goods. Data thieves tap into wifi networks and watch Internet traffic as it flows over the airwaves. Thieves can also access your data via wired methods, and some times they even send you back fake data that looks like it came from the website you are trying to use (sometimes known as an MITM or “Man in the Middle attack”). The best way to protect yourself against this kind of attack is to make sure the website you are buying from uses “SSL” encryption or a “Secure Sockets Layer.” This technology encrypts your data so only the website you are using can make sense of the data your computer is sending, and everything just looks like encrypted garbage to anybody or anything else watching the network traffic.
3) Shop with an “online-only credit card”
There are several organizations (like this one) that offer “online-only credit cards.” These organizations provide users with transactional accounts that may be used like credit cards online, but aren’t actually linked to a credit account. Think of them as “virtual ATM cards” linked to real money. These cards can be very useful, especially with record-keeping. By using only one “online-only” card for Internet purchases (even if it is simply a secondary ATM or credit card from your bank), it is easy to identify things like extra charges, fraud, or other suspicious activity when looking at your billing statement.
4) Avoid public computers when shopping online
For convenience, almost every computer out there is designed to save your data once you enter it. This is horrible from a security perspective. As soon as you put your data into any device with an Internet connection, it typically tries to save as much of your information as possible so you don’t have to enter it again. In a sense, the computer tries to “learn about your personality,” and create a profile on you, which includes your data. However, if the device learning about you isn’t yours, what’s to stop a tech-savvy criminal from obtaining your information from a publicly accessible device? Demo computers at Apple stores or Best Buy, sample cell phones at AT&T or Verizon stores, and public library or school computer terminals are terrible places to store information. Anybody with the knowledge to access the data can simply walk up to the computer after you and quietly steal your information.
5) Diversify your data – don’t put all your eggs in one basket
The best way to keep your information secure on the Internet? Don’t put it all in one place. Things happen and company servers get compromised – along with your data. In the end, the best cyber-defense is to put yourself in a position where if and when a problem occurs, not all of your data is affected. Try to use only one ATM or credit card for all your online transactions (see #3 above). Likewise, make your passwords as unpredictable as possible, and don’t use the same login or email address for more than one account. Handle yourself this way online, and if somebody compromises one of your accounts, at least the damage will be minimal.
And most of all, caveat emptor…aka “buyer beware.”