TECH TALK: How safe is online shopping?

by Eric W. Austin
Computer Technical Advisor

My mother is paranoid. The idea of using her credit card to shop online fills her with dread. And she has good reason. A few months ago, she got a call from her credit card company asking whether she had recently used her card to purchase two round trips to Miami?!

She had not!

She was a victim of credit card fraud. In fact, 31.8 million Americans had a similar experience in 2014 – that’s three times the number in 2013. Very likely, this has already happened to you or someone you know.

Is it safe to shop online?

First, the bad news. Credit card fraud has become epidemic in the internet age. But it’s not just about hacking – it’s also about distribution: trading and selling stolen credit card information has become easier than ever.

So, how does your credit card get stolen in the first place?

Skimming is when a device is attached to a credit card reader like an ATM, gas pump, or merchant card reader which scans and stores card numbers as it is used. The thief then detaches the skimmer and downloads the credit card info.

Phishing happens anytime someone is able to trick someone into giving them personal information that they have no right to. They may do this by calling you and pretending to be a collection agency seeking a payment, or your electric company verifying your address. Or by building websites that look like your bank or favorite internet store.

SpyWare/Malware: This is software that is inadvertently downloaded and then attempts to siphon personal information from your computer and send that information back to a criminal who then sells your information, along with thousands of others on the internet black market.

Data Breaches/Hacking: You may have heard of the recent Yahoo data breach where over one billion accounts were hacked (if you have a yahoo account, and haven’t changed your password – do that RIGHT NOW!). What about Ebay, The Home Depot, JP Morgan Chase, Michael’s, Staples, Domino’s Pizza, Sony Pictures Entertainment, or Target? Yep, all these companies have been hacked!

Scary? Almost makes you want to do all your holiday shopping at Hussey’s Hardware this year, huh? But it’s not all bad. And there are some things you can do to minimize your risk.

Credit card companies are well aware of this problem, and most major banks have policies in place to protect you. Often, they will call you when they see a charge that is out of character for you. Check with the bank that issued your card to make sure you are protected and are aware of the procedures in case fraud occurs.

Keeping a close eye on your account is also important so you can spot fraudulent charges and report them immediately. You can set up fraud alerts with most card companies and the three major credit bureaus.

Install anti-virus and malware protection software on your home computer, and run a scan before you do any shopping. Two good free anti-virus programs are Malwarebytes and AVG Anti-Virus.

Never use public WiFi or a public computer to do shopping. Also avoid checking your email on a public connection if you use that email for finance or shopping. Secure your WiFi at your home with a password and encryption. Activate Windows Firewall or install a third party option to further protect yourself.

Upgrade your credit cards to the new EVM chip versions. These new type of credit cards have chips which change the information being passed each time it is used, and thus prevents skimming. Countries that have adopted EVM, such as the UK, have seen a drop in counterfeit fraud by as much as 70 percent. The United States’ slow adoption is one reason this is so prevalent here.

Never give out your personal information to anyone without verifying their identity. This includes phone calls, emails, or letters asking you to provide personal or financial data. Get a phone number and call them back to ensure it’s an authentic representative of that company.

And what if it does happen? Relax. Credit card companies are so used to this by now that in most cases all that is required is a phone call and the charge is immediately taken off your account. Disappointingly, you’ll probably never know how your information was stolen. They will tell you an investigation is being undertaken, but the fraud is so prevalent that I think most companies simply consider it a cost of doing business.

How about purchasing on sites like Amazon? Amazon is one of the safest places to shop, storing all credit card information on servers not connected to the internet. While not all sites go to the extent Amazon does, generally shopping with reputable merchants online is as safe as purchasing in a traditional brick-and-mortar store. Smaller online merchants typically use third-party services to process payments, so check out that service before committing to a purchase.

I hope that you have noticed that the lion’s share of fraud that happens is not the direct result of online shopping. Much of it occurs locally on your computer (malware & viruses), at a physical location where you use your card (skimming), by someone convincing you to give away information (phishing), or by hacking the companies that store your information. All of these things can happen to you even if you never buy anything off the web!

So, be smart, take precautions, but relax and enjoy the convenience of online shopping.

Have a tech question for me? Maybe I’ll answer it in my next column! Write me at ericwaustin@gmail.com subject line “Tech Talk” or use the contact form on the website.