Between Black Friday, Cyber Monday, and the joy of the holidays, ‘tis the season for netizens to walk on the wild side, shopping-wise. Black Friday got its name because traditionally it’s the first day of the year that many stores are “in the black,” and the push for profitability has now spilled over to cover a whole week or more, including Cyber Monday. Retailers and etailers aim for vast numbers of sales, so they offer big discounts to entice shoppers. And like any big online event, this feeding frenzy attracts grifters, scammers, and thieves. You can get some incredible deals during the shopping season, but you can also get robbed blind. With a little care and our good advice, though, you can get your bargains and skip the scams.
If It Seems Too Good to Be True…
You’ve jonesed all year for that impossibly large 8K TV, but don’t have the thousands to pay for it. Then while you’re idly watching cat videos, an ad pops up offering your prize for just a few hundred. So tempting! But don’t whip out your virtual credit card just yet.
First, do a little research on the seller. If possible, check reviews from other buyers. Look up the company on the Better Business Bureau website, and check that site’s Scam Tracker for any reports. Visit consumer complaint websites like ComplaintsBoard and RipoffReport.
Didn’t find anything at all? That’s a red flag, too. Even the most praiseworthy online store is going to have some bad reviews, because haters gonna hate. A total absence of complaints and reviews suggests a fly-by-night operation.
If it seems too good to be true, it probably isn’t true. Vetting the offer carefully lets you take advantage of oh-so-rare impossibly great deals without getting fooled by fakes.
Use a Credit Card
If you do make a purchase without being totally sure of the seller, absolutely use a credit card. In general, you have zero liability to pay for a fraudulent transaction. If the seller never delivers, or blows off your attempts to get a refund, or makes illicit purchases using your card, you can report the fraud to your credit card provider. Even if you hit one of the rare exceptions to this policy, federal law says you’re not liable for more than $50.
Of course, you need to stay on top of things. Dispute any fraudulent purchases immediately, and contact your provider as soon as it becomes clear that you’re not going to receive what you bought. Debit cards do have some protection, but it’s not as strong or universal as the zero liability of credit cards. Use a credit card!
Maybe Mobile, Maybe Not
Have you ever gotten a text from an unknown number with a link to a fantastic deal? Perhaps a time-limited deal? I hope you didn’t click it. Phishing via SMS (sometimes called smishing) is very real, and potentially dangerous. Clicking any link from an unfamiliar sender is a bad idea.
Perhaps you found a link to an interesting bargain through some more legitimate route, such as a web advertisement or a deals site. Even then, your phone may not be the best place to view that bargain. On the phone’s small screen, you can’t get the full view that you have on a desktop or laptop. It can be harder to spot a fake website when it’s on a mobile device. For a better look at that bargain, email the link to yourself or otherwise transfer it to a device that will give you a big, clear view.
On the flip side, if you’re visiting a well-known seller, perhaps using its dedicated mobile app, shopping on mobile can be problem-free. Just don’t use your phone for those unknown online stores.
Familiarity Breeds Contentment
For the safest shopping experience, stick with large, well-known etailers. If you buy from Amazon or Walmart, you may be contributing to their plans for world domination, but you’re not setting yourself up to be defrauded. Yes, you may miss out on deals from upstarts, but you’ll also avoid scams and thieves.
Do watch out for typos. Fraudsters like to put up pages that look just like some major retailer, but with a URL that’s slightly different. Perhaps the URL ends in .biz where the real site is .com. Perhaps it’s a common misspelling. That said, the biggest online stores simply buy up common typo domains and redirect them to the real site. I tried Amazno, Amazzon, Ammazon, Amazoon, even Azamon, and all of them redirected to the real Amazon site.
No Lock? Run!
There’s a real push to get every website using a secure HTTPS connection. And I mean every site, whether it’s a book club, a knitting circle, or an online dungeons and dragons lair. Certainly, every commercial site must use HTTPS. You’ll see a little lock icon in the Address Bar when you’re on a secure page. Some browsers go further; Chrome actively marks sites without the lock as “not secure.” If you don’t see that lock, get outta there!
Become a Masked Mystery Shopper
When you buy something online, you necessarily give the sellers quite a bit of personal information. They get your email, phone, or both for notifications, your credit card details for payment, and your address so they know where to send the item. You may be surprised to learn that you can mask yourself, shopping without giving away more than the minimum.
Disposable email address (DEA) utilities like ManyMe and Burner Mail let you communicate via email without giving away your actual email address. The merchant gets a unique DEA instead. Mail sent to such an address appears in your inbox, and your replies seem to come from the DEA. If one of your addresses starts getting spam, you can just cancel it, and since each is unique you know which merchant to blame.
Abine Blur takes the concept even further. In addition to masking your email address, it lets you mask your phone number and credit card details. The merchant still needs to know where to send the package, but as far as other personal details go, you’re a masked mystery shopper.
Apps That Can Protect Your Identity
Abine Blur
Avoid Oversharing
Speaking of personal information, be wary when online stores ask for more than they need. They certainly don’t need to know your Social Security number—a merchant that even asks for it isn’t one you should patronize. If a site’s checkout form includes data fields that aren’t in any way necessary for the transaction, that’s a sign you may want to reconsider the purchase. If those fields are marked as required, that’s worse. But if you want to go ahead, just lie! Fill the irrelevant required fields with made-up data.
There’s another TMI problem that’s not directly shopping-related, but that’s still important. You’ve probably seen those social media quizzes that promise to tell you which noble house of Westeros you belong to, or what color you are as an Among Us guy. Some are more blatant. “Hey, let’s all get to know each other! Answer these questions…” Maybe they want to know your first pet’s name, your high school, or the make of your first car. If you post answers, you’re giving away the responses to unlock common security verification questions. Don’t fall for it!
Be Password Smart
Some shopping sites let you check out as a guest, just giving the one-time information needed for your transaction. Others require that you create a login identity. And even when signing up isn’t required, you may appreciate the convenience of picking the shipping address and credit card from lists maintained by the site rather than having to type everything each time. Creating an account is fine, but be smart when you choose your password.
Remembering passwords is tough, so you may be tempted to just recycle the same password over and over. Don’t! Even the most upstanding online merchant could get hacked. Hackers know that many people do indulge in password recycling, so when they gain access to credentials from one etailer, they quickly try the credentials at other, similar sites.
Password Managers
Dashlane Review
4.5 OutstandingKeeper Password Manager & Digital Vault Review
4.0 ExcellentLastPass Preview
The solution is simple. Use a password manager to help you create and remember a strong and unique password for every secure site. Buying such a tool doesn’t have to cut into your shopping budget, as the best free password managers can totally handle your needs.
Stay at Home
In theory, you can shop electronically no matter where you are. In practice, you’re better off staying at home to shop. If you use public Wi-Fi, there’s a chance your transaction could be snooped. Even if you think you’ve connected to a known, safe Wi-Fi network, you might be living in a dream world. Nothing prevents a scammer from setting up a portable Wi-Fi hotspot with an SSID that’s the same as that of your favorite coffee shop. Worse, your phone can’t tell the difference, so it will happily connect to the fake.
If you stay at home to shop, you don’t have to put shoes on. You don’t even have to get dressed. More importantly, you’re connecting to a Wi-Fi network that’s under your own control. It’s just safer!
What Black Friday Deals Should You Be Tracking?There’s another benefit to shopping from home—no shoulder-surfers! When you whip out your credit card and start typing the number into a website, nearby snoops have a double opportunity to see and memorize the number. They’ll see you flip the card to enter the CVV code, too. You can foil shoulder-surfers by staying alert, sitting with your back to the wall, and keeping your screen shielded. Better yet, use your password manager to fill in saved credit card data, while the card itself stays safe in your wallet. Something else to consider about staying home: If you never swipe a card at a store or bank, you'll never fall victim to a credit card skimmer!
Sometimes circumstances may require that you do your shopping while out and about. You can improve your security by turning off Wi-Fi and just using cellular data while shopping. You could also install a Virtual Private Network, or VPN app on your phone, which will encrypt your communications and prevent any possibility of snooping.