24 million Zappos shoppers had been hacked. Online shopping has become a huge industry: In just the week following Thanksgiving 2011, consumers spent nearly $6 billion dollars online-a 15% increase from 2010's "Cyber Week" spending.There was a collective cry of "Holy shoes!" this past weekend when the news broke that the accounts of
Related link: Eight Tips to Keep Your Cards Safe When Shopping Online
People shop online for a number of reasons including convenience, the ability to compare prices easily, reviews, and choice. Unfortunately, hacking incidents such as this one remind us that we need to be vigilant about taking security precautions when sharing sensitive information over the Internet.
"What the Zappos incident highlights in particular is the need to use different passwords for each website you give sensitive information to," Nicole Vincent, Consumer Education Specialist at the Federal Trade Commission (FTC), tells Yahoo! Shine. It can be confusing to sort through all the available information about online security. Here are Vincent's absolute top tips for safe online shopping:
1. Use a credit card instead of a debit card. And don't link to your checking account. Paying by credit card offers the most protection because your maximum liability for unauthorized purchases is $50.
2. When you are shopping online, check to see if you're using a secure site: Look for the prefix "https" which means it is a secure site that encrypts Web traffic.
3. Protect your password. Don't use same password across different websites. If your account is hacked, identity thieves often will try your password on variety of popular sites. Vincent says it is worth looking into tools that organize your passwords. One option is LastPass.
4. If you are buying from a website that you haven't used before, do an Internet search with its name and the words "scam," "complaint," or "review." If you see lots of negative reviews or warnings, think hard about whether or not the item you want to purchase is really worth the risk.
5. Be wary of Wi-Fi. Make sure your home network is WPA-encrypted. Older WEP networks can be hacked. Public Wi-Fi such as networks offered at the library, airport, or cafes may not be encrypted, so do not transmit sensitive information unless you are sure you are on a secure network.
6. The FTC currently has a team of people investigating the issues around mobile purchasing. The bottom line is: If you are transmitting information over a 3G or 4G network you are secure, but don't use public Wi-Fi. If you aren't sure whether the network is secure, assume it isn't and avoid.
7. After this kind of major hacking incident, phishing scams increase. If criminals already have some of your personal data, enough to make you think they are a legitimate entity, they may send you an email trying to obtain additional information. Any email that asks for sensitive information should go directly to trash; legit companies don't ask for this kind of information in emails.
The FTC manages the website OnGuardOnline.gov, a collaborative effort by a number of federal agencies that covers topics from avoiding scams to cyber-bullying.