How to avoid the biggest security mistakes when buying online

Between Black Friday and Cyber Monday, your credit card and personal information can be particularly vulnerable, especially if shopping online.

Adam Levin, author of Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves, spoke to Global News to explain the biggest mistakes shoppers make online and how to stay secure.

READ MORE: How to recognize and avoid online phishing scams

Think before you click

If you get a link for a promotion you think is from one of your favourite retailers, people will often click and not realize that it’s a fake website, which looks authentic, and they’ve installed malware on your device or compromised your information.

“The information is transmitted to a hacker,” Levin says.

Levin suggests buyers should go directly to the retailer’s website.

“Make sure that it says HTTPS in the address because that means it is a secure site.”

Use a credit card and not a debit card

Levin says the bottom line is when you’re using a credit card it’s the bank’s money. When you’re using a debit card it’s your own money.

READ MORE: Internet of Things our ‘biggest threat to privacy,’ expert warns

“Generally, credit cards have more robust fraud protection features that are pretty much zero liability,” Levin says.

Tweet This Click to share quote on Twitter: "Generally, credit cards have more robust fraud protection features that are pretty much zero liability," Levin says.

With a debit card, if you fail to notify the bank right away of any misuse, “you can suddenly be liable for $500.”

To be extra secure, Levin advises using a virtual credit card, which randomly generates a new card number for each online transaction.

Don’t shop online with free public Wi-Fi

A lot of people who are out and about during the holidays will hook up to free public Wi-Fi to shop, Levin says. “Hackers can create something that will pop up on your mobile device that will look like the name of the actual network, but there will be something a little off.”

Hackers will insert themselves between you and the website, Levin explained. So when you log in you are actually giving the hacker all your information.

“The best thing to you is a virtual private network. Think of it as a secure tunnel between your mobile device and whatever website you’re trying to get to.”

Tweet This Click to share quote on Twitter: "The best thing to you is a virtual private network. Think of it as a secure tunnel between your mobile device and whatever website you're trying to get to."

Secure your mobile device

If your device isn’t secure, hackers or anyone who has access to your phone can get your information and steal your identity. They can also make online purchases on your behalf.

READ MORE: Every move you make: Privacy expert wary as insurers track drivers

“Unfortunately, a great deal of identity theft occurs within the family and friend unit,” Levin says.

Levin suggests you should install anti-virus software on your smartphone, just like you would for a computer. You should also have a secure pin number, something that isn’t your birthday and easily known to those around you.

And lastly, he advises using two-factor authentication. So if someone tries to sign-in from another device, they need to provide two pieces of information.

Be wary of your gift cards

What a lot of people aren’t aware of is that they could be using an infected gift card when shopping online, Levin says.

Thieves will go to store and faintly scratch gift cards that are easily accessible on a rack and write down the number.  “They wait for you to buy the card and activate the card and then will drain the card.”

READ MORE: Black Friday and Cyber Monday: How and where to score the best bargains

He suggests buying gift cards that are behind the counter at a legitimate store to avoid this. When buying the gift cards online, Levin says you should only buy from a reputable and secure website.

If you have a security problem

When it comes to misuse of credit cards, the best thing you can do is contact your institution who will investigate, provide you with a new card and often refund you, Levin says.

But once you get into more sophisticated forms of identity theft, Levin says, it is crucial to get professional help from insurance companies, financial services or even your work’s HR department.

Benefit programs at work can have a program that helps you navigate identity incidents, Levin added.

“You may be very pleasantly surprised that you have a relationship with an institution that actually provides a service to help you through it.”

Tweet This Click to share quote on Twitter: "You may be very pleasantly surprised that you have a relationship with an institution that actually provides a service to help you through it."