Use strong and unique passwords. Once again, strong passwords are essential, just as they are with email and social media accounts. Never share your passwords with anyone, unless you have designated someone you trust to manage your accounts. Make sure your passwords have at least eight characters. Include numbers, upper and lower case letters, and symbols, and do not use names or dictionary words. At ConnectSafely.org/passwords, you’ll find tips and information on how to use multi-factor authentication and fingerprint recognition for more advanced security.
Don’t click on links in email or on social media from banks, credit card companies, government agencies, or other organizations, unless you’re 100% certain they are legitimate. There is a common scam, called phishing, where someone sends you a link to what looks like a legitimate website, but it’s actually a scam site created by criminals to steal your login or other personal information. Even if the company name is part of the Web address, it could still be a scam. Your safest bet is to type in the Web address like you normally do and if in doubt, call the organization.
Be wary of any offer that’s too good to be true, such as being told you’ve won a contest that you didn’t enter, or you’re being offered an incredible price on a vacation or product way below what you’d expect to pay. Be especially careful about offers for low-cost medications or medical coverage.
Only shop at reputable online sellers. Be careful about any online merchant that you have never heard of. Many are legitimate but some might be out to steal your credit card number or other financial information, or simply fail to deliver what you’ve paid for. When in doubt, ask someone familiar with online shopping or do some online research to see if there are reviews or comments about the merchant.
When shopping or banking look for secure websites with an https in the browser’s address bar. The “s” stands for “secure.” If it’s just http, it’s not a secure site. If you shop or bank using a mobile app, be sure it was issued by that company. Look for reviews from others or ask an expert if you’re not sure.
Use credit cards if possible, otherwise use debit cards or safe online payment services, such as Paypal. Never send cash, cashier’s checks, or money orders. Even sending a personal check can be dangerous. It’s best to use a credit card because, if there is a dispute, the credit card company will stop the charge or refund your money while they investigate your claim. Debit cards also have protections but sometimes you have to wait to get your money back. Services like Paypal, Android Pay, and Apple Pay also have some protections but credit cards are still the best bet.
Be careful before you click. There are certain things that you may not be able to undo, such as buying or selling the wrong stock or buying a non-refundable flight or hotel room. Carefully review all transactions before confirming them. If you do make a mistake contact the company right away to see if it’s possible to undo it. Many online merchants have a cancelation feature that lets you back out of a purchase, but you must do so promptly. Once an item is ready to be shipped it may be too late to cancel the order. You can often return your purchases, but you’re likely to have to pay for return shipping.
Make sure you understand the return policies from online merchants and know all of the charges, including shipping, handling fees, and taxes.
Do some research before donating to online causes. Crowd-funding sites like Kickstarter, Indiegogo, and GoFundMe are great places to be among the first supporters or purchasers of new products, donate to worthy causes and organizations, and even provide financial support for people with a compelling need, but you should proceed with caution. Read all the fine print and do a little research on the person or organization behind the pitch. If they’re raising money for a cause, try to find out if it’s real, and if they are launching a cool new product, make sure their pitch is realistic. When in doubt, move on.
Protect against identity theft. Never enter your Social Security number online unless you know you are at a legitimate site that has a real need for that information, such as applying for a bank account, credit card or loan (from a legitimate financial institution), or getting a credit report (such as the legitimate free annual credit report services authorized by the Federal Trade Commission). Unless you’re sure it’s a legitimate site, avoid posting your full birth date and place of birth, and be cautious when asked to enter any other personal information, such as your home address. Legitimate media sites like Facebook and financial institutions may be required to ask for your date of birth. Only disclose credit card numbers to legitimate online merchants. When in doubt, do some research to see what other people and reviewers say about them.
Monitor your online financial accounts. Look for recent activity to be sure that there are no fraudulent charges to your credit, debit, or bank accounts. Check your online investment accounts to make sure there has been no unauthorized activity. If you find something suspicious, report it right away to the financial institution’s fraud department or the toll free number on your credit or debit card. Even if you don’t bank online, there is still a risk that you could be a victim of fraud. Let the institution know right away if there is an issue. In most cases you are protected against fraud but you must report it.
Charity scams. Most charities have websites and the option to donate online. That’s fine as long as you’re sure you’re on the right site and that it’s a legitimate charity that you support. Be careful if you get an email from what appears to be a charity asking you to make an online donation. If you’re not familiar with the organization, check it out at CharityNavigator.org and if you are going to donate online, be certain that you’re going to the charity’s legitimate site. To be safe, type in the charity’s Web address in the browser rather than clicking on a link.