Discover Yahoo! With Your Friends

Explore news, videos, and much more based on what your friends are reading and watching. Publish your own activity and retain full control.

To get started, first

YOUR FRIENDS' ACTIVITY

    Zappos Hacking Shines Spotlight on Safe Online Shopping Tips

    By Sarah B. Weir, Yahoo! blogger | Work + Money – Tue, Jan 17, 2012 5:30 PM EST

    There was a collective cry of "Holy shoes!" this past weekend when the news broke that the accounts of 24 million Zappos shoppers had been hacked. Online shopping has become a huge industry: In just the week following Thanksgiving 2011, consumers spent nearly $6 billion dollars online-a 15% increase from 2010's "Cyber Week" spending.

    Related link: Eight Tips to Keep Your Cards Safe When Shopping Online

    People shop online for a number of reasons including convenience, the ability to compare prices easily, reviews, and choice. Unfortunately, hacking incidents such as this one remind us that we need to be vigilant about taking security precautions when sharing sensitive information over the Internet.

    "What the Zappos incident highlights in particular is the need to use different passwords for each website you give sensitive information to," Nicole Vincent, Consumer Education Specialist at the Federal Trade Commission (FTC), tells Yahoo! Shine. It can be confusing to sort through all the available information about online security. Here are Vincent's absolute top tips for safe online shopping:

    1. Use a credit card instead of a debit card. And don't link to your checking account. Paying by credit card offers the most protection because your maximum liability for unauthorized purchases is $50.

    2. When you are shopping online, check to see if you're using a secure site: Look for the prefix "https" which means it is a secure site that encrypts Web traffic.

    3. Protect your password. Don't use same password across different websites. If your account is hacked, identity thieves often will try your password on variety of popular sites. Vincent says it is worth looking into tools that organize your passwords. One option is LastPass.

    4. If you are buying from a website that you haven't used before, do an Internet search with its name and the words "scam," "complaint," or "review." If you see lots of negative reviews or warnings, think hard about whether or not the item you want to purchase is really worth the risk.

    5. Be wary of Wi-Fi. Make sure your home network is WPA-encrypted. Older WEP networks can be hacked. Public Wi-Fi such as networks offered at the library, airport, or cafes may not be encrypted, so do not transmit sensitive information unless you are sure you are on a secure network.

    6. The FTC currently has a team of people investigating the issues around mobile purchasing. The bottom line is: If you are transmitting information over a 3G or 4G network you are secure, but don't use public Wi-Fi. If you aren't sure whether the network is secure, assume it isn't and avoid.

    7. After this kind of major hacking incident, phishing scams increase. If criminals already have some of your personal data, enough to make you think they are a legitimate entity, they may send you an email trying to obtain additional information. Any email that asks for sensitive information should go directly to trash; legit companies don't ask for this kind of information in emails.

    The FTC manages the website OnGuardOnline.gov, a collaborative effort by a number of federal agencies that covers topics from avoiding scams to cyber-bullying.

    Related links:

    Consumer Tips for Safe Online Shopping

    Smishing: The Latest Identiy Theft Threat

    Five Top Financial Scams to Avoid In 2012



     

    11 comments

    • cubmom5
      cubmom5  •  San Antonio, Texas  •  4 months ago
      And DON'T CLICK ON THE LINK that is in ANY email asking you go to a web site for your credit card or account!! Close the email and open your browser and go your normal route to get to the web site for accounts and credit cards. This is another way they steal your passwords!
      • Younger Grandma
        Younger Grandma 4 months ago
        Clear your cache and cookies before and after visiting sites, too!! Including your mail.
      • Owlchicka
        Owlchicka 4 months ago
        What I didn't like about the Zappos password reset was that you had to click through the link in their email to reset yourself. Really irritating.
    • Kathleen
      Kathleen  •  Phoenix, Arizona  •  4 months ago
      Such scams should NOT go directly to trash; they should be reported!
    • Ken Howland
      Ken Howland  •  4 months ago
      Discover Card lets you generate a "one time" use card number that expires immediately after you use it. That random number is your protection !! The charges on the "one time" number will come through on your regular Discover Card bill.They discontinued this recently but met so much resistance from their users that they put it back in use. I had a case where I ordered a "trial" on a product and lo and behold they contacted me and wanted a "VALID" number as they were going to keep shipping and billing their product. NOT!!!! And if the one time number gets compromised it will do the thieves NO GOOD.
      • NyukNyukNyuk
        NyukNyukNyuk 4 months ago
        Cards cleared by MBNA or Bank of America offer a similar feature called Shopsafe. It's worth switching cards to get this feature.
    • Lilion
      Lilion  •  4 months ago
      I had ignored the email from Zappos, thinking it was phishing. I'll be going to Zappos and changing my info now asap! Wish this had been reported sooner.
    • tropicalbabe
      tropicalbabe  •  Los Angeles, California  •  4 months ago
      I was a zappos shopper and just friday was i informed from my bank that my accounts (ck and svngs) were comprimised but thankfully they didnt get far. So im wondering if this has anything to do with it? Hmm..
      • sue
        sue 4 months ago
        I was notified by a "bank" that wasn't my bank that my debt card (which I don't have) was compromised. I'm not a Zappos customer. Scam on cell phones are going around a lot now too out of a number in Vegas.
    • nottoosmart
      nottoosmart  •  Nappanee, Indiana  •  4 months ago
      Write a check and put it in the mail.
      • sue
        sue 4 months ago
        Does no good anymore. Companies electronically deposit them and keep your checking account number on file. I didn't realize it until I called months later to order something and they stated they could look up old check info. Credit card is safer line of defense actually.
    • Alexis
      Alexis  •  4 months ago
      My sister's AE account was hacked, she used the same password for all online shopping and guess what, they got into all her accounts. Then they hacked her email and got all our emails and passwords by phishing. Its dangerous out there!
    • SteelMagnolia
      SteelMagnolia  •  Jackson, Mississippi  •  4 months ago
      One thing to do, is not to save your card information on the sites where you buy. It is less convenient, but better to put the info in each time you make a purchase. Also, regularly change your password, and be sure to use a Symbol and preferably not even a real word.
    • Jon Campos
      Jon Campos  •  4 months ago
      Rush Limbaugh is always promoting the online security company called LifeLock. I wonder if any of these people had it, and if so , did it work?
      • Chris
        Chris 4 months ago
        LifeLock is a scam. They don't do anything that you couldn't do yourself after about 10 minutes of research. The owner of lifelock has had his identity stolen multiple times...
    • sarah
      sarah  •  Auckland, New Zealand  •  4 months ago
      thanx 4 those tips - i am wary but its always good 2 learn more!!
    • Blues Guitarist
      Blues Guitarist  •  4 months ago
      Zappos should at least inform the customers whose account information was hacked.
     Post a comment

    Work + Money »

    Beauty »

    The Thread »

    Join us on Pinterest

    Shine on

    DAILY SHOT VIDEO

    We apologize. An error has occurred. Please try again.