How to Shop Safely Online
But I’ll get my money back!
Some people feel that it really isn’t a big deal if they get scammed. If your credit card gets breached, all you need to do these days is call your credit card company and they will reverse the charges and issue you a new card. BUT it’s not just about your credit card, it’s also about your personal information. AND guess what? you are now on a scammer’s contact list and your contact info will be shared and sold on the dark web! They will either try to scam you again or hack you with ransomware, wire fraud, you name it… Getting scammed is not a single event, it is just the beginning of a series of hacking attempts.
Let’s start with what people are saying online…
Here is the thing, in many scams they will actually ship you something just to have proof that an item was shipped. It doesn't matter that it’s totally different from what you were expecting. This will make it hard for you to get your money back, because you did get something. Now, you need to prove it was a scam. And depending on how much you paid, it may not be worth it.
how to determine if an online shop is fake
Keep in mind this isn’t science… it’s just red flags to help you be more cautious. Because many of these scammers use templates or are just lazy, there is a lot of copy and paste when they set up a new shop. This is something we can use for our advantage. So here is what we suggested
-
Go to the “About Us” page and copy some text from the description and google it. If you find other shops that have the same “About Us” description or very similar, then maybe avoid these shops.
-
The same goes for the Email, Phone Number, and Physical Address in the “Contact us” Section. Just google it and see how many online shops use the same info.
-
Also, there are places like Reddit and Quora that you can use to search the site and find out what people have to say about them and see if anyone mentioned “scam” or “fraud”
-
Now, this is a bit more technical, but you can find out when the website was launched. You can copy the domain name or IP address and look it up using “WHOIS Lookup” (Google it). It will then tell you when the domain was purchased. If it’s a few months old… then use caution.
So what can you do to shop safely?
-
Don't blindly trust slick video content or pictures, many are simply taken from the original sites.
-
Google the product or the website name along with the phrase "scam."
-
Google the exact wording in the ad. Many scams can be found this way.
-
Don't trust an ad just because it appears on a reputable site. Scammers post fake ads everywhere!
-
If you are constantly served the same ad and the price is dropping, it's probably a scam.
-
If most of the reviews are within several days, then they are probably fake.
-
Don't buy from Facebook pages or websites you've never heard of before. That's like buying from a random person on the street.
-
Watch out for ads that show popular products from crowdfunding sites such as Kickstarter, it's a common scam.
-
Scammers may have obtained or hacked verified accounts on social media sites. They will use these accounts to offer you hard to get or heavily discounted items. You pay them over paypal or venmo and then they disappear.
Safety tips and hacks
-
Never reuse passwords - I stopped counting the number of times that shopping sites have been hacked. If a shopping site is hacked and you use that same password for your gmail or any other app, guess what? Cyber criminals know that and they immediately check if they can sign-in with that password to other apps and sites. Another reason, if that site was a scam, now they have your gmail password. If remember password is difficult for you, then you can use a password manager. Not sure which password manager to go with? We ask out LinkedIn community and they voted - Here is a list of recommendations from cybersecurity professionals of the top 5 password managers.
-
Use a random email address - iPhone has a cool feature that allows you to create a random email address when you sign-up to random sites. Here is how it works
-
Or use the + sign if you are using a gmail account. For example if my email address is gaby@gmaill.com (It’s not...) and I sign-up to amazon, I can use gaby+amazon@gmail.com. Any email that will be sent to that account will go to my regular inbox. Try it out :) Once you start doing this, you will be able to see if someone other than Amazon for example is using your email.
-
Don’t trust QR codes - When we scan QR codes they automatically open a website or an app. However, did you check that you are on the correct site? Criminals have learned to stick their own QR code over legitimate ones. After all, neither the business owner nor you will be able to tell the difference. So next time you are scanning a QR Code at a restaurant, make sure you are on the correct site.
-
Use the 2nd address line - You know that 2nd address line most online forms have? Put something there like “I filled this out for Best Buy” and when you are sent something by a company that is not Best Buy, you’ll know who your information was shared with.
-
And if you purchase a new smart device (most electronics today) don’t accept the default setting. Unfortunately, many of them are not secure, that’s why we created this short video to help you set them up.
After You buy
Yeah, unfortunately it doesn’t end when you buy, there are many followup scams. So don't advertise it on social media. When you share what you just purchased on social media, it’s not only your friends who see it. Scammers also see it and they will send you Fake Shipping Notifications or even call you over the phone about an issue with your recent purchase.
Finally, it's not just shopping. These days, Online Safety is MUST have life skill. So educate yourself and your family. We created the bare minimum list of cyber safety tips everyone should practice. We also have many free resources that you can use to learn how to be safe online. You can start with registering for free to Wizer Security Awareness Training or visit our Security Awareness for Families.
Gabriel Friedlander
Gabriel Friedlander is the Founder & CEO of Wizer, whose mission is to make basic security awareness a basic life skill for everyone. Wizer has been rapidly growing since being founded in 2019, and now serves 20K+ organizations across 50 countries. Before founding Wizer, Gabriel was the co-founder of ObserveIT (acquired by Proofpoint). With over a decade of experience studying human behavior, he is a prolific content creator on social media, focusing on online safety to elevate public understanding of digital risks. His engaging 1-minute videos have captured the attention of millions worldwide, going viral for their impactful messages.