Can online shopping be done safely?

Can online shopping be done safely?

The Internet security experts say "yes" -- on the condition that consumers abide by some basic safety tips.
1. Bigger names equal better protection.
"Go with reputable companies youve heard of," says Jim Stickley, co-founder, CTO and vice president of engineering at TraceSecurity, a company that works with financial institutions to better their network security systems to deter identity thieves.
Stickley, who knows firsthand how easily sensitive information is stolen, says that if a deal sounds too good to be true -- say, $20 for an iPod Nano -- it probably is. Whats worse, its probably an attempt to trick you into giving out personal information.
Steven Branigan, founder and president of CyanLine and author of "High Tech Crimes Revealed" agrees and says that its good to know the site youre going to, such as the bigger sites like Amazon.com. "These sites put their name on the line."
On the other hand, the fear factor hurts smaller merchants who might have better deals.
One comparison shopping site, buysafeshopping.com, solves both problems by bonding qualified merchants for up to $25,000 with Liberty Mutual, Travelers and ACE USA. BuySAFE puts merchants through a screening process to verify the merchants identity, online sales experience and ability to deliver the purchased items. If a retailer passes that process, buySAFE is willing to stand behind them with its purse, says Jeff Grass, CEO and president, and Rob Caskey, senior director of buyer marketing.

2. When in doubt, check them out.
If you go with an unknown merchant or Web site, contact someone there who can verify the companys privacy policy for you before you make a purchase. Ask if theyll send you a catalog.
"If they dont list phone numbers and only have an e-mail address, thats a huge red flag," Stickley says. "Call the phone number and see if it goes to voice mail. Anyone can have voice mail set up." Bottom line: If you cant get a human being on the phone or dont like what youre hearing, go shopping somewhere else.

3. Encryption doesnt equal security.
Leah Ingram, author of "Gifts Anytime: How to Find the Perfect Present for any Occasion," is a certified etiquette and protocol consultant. This expert gift-giver says one of the first things you should do before typing in your credit card information is look for the "plural URL." That is, when you go to the sites checkout page, the "http" in the URL should change to "https." A closed padlock or key should also appear on the page, letting you know your personal information will be encrypted or scrambled.
If you dont see either of these "locked" icons or a change in the URL, log out and shop elsewhere, says Ingram. The reason: "You cant be sure the site has a secure server, and you shouldnt take that risk," says Ingram.
Heres one tell-tale sign that youve entered a scammers site: If you ever see numbers at the beginning of the URL, such as http://66.102.7.104@65465.51456%6AD%, its probably a scam, says Stickley.
Even if you see a proof of encryption, such as the plural URL, you shouldnt equate that with the sites trustworthiness.
"It just means the session is encrypted," says Stickley. He likens the mistaken belief to believing that someone owns a house just because that person can lock the front door. It means nothing. To verify the sites trustworthiness, he advises calling the company to ask about its privacy policy.

4. When sharing is a bad thing.
Shared computers, such as the ones available to multiple strangers at computer centers, are a big no-no, says Branigan.
The danger is that hackers can insert a keylogger into the back of the keyboard, a device that looks like a harmless adapter. This monitoring device captures everything you type before its encrypted. Sometimes installed as software, the device can be hard to detect. The best thing to do is avoid shared computers when typing sensitive information.
5. Pay with a credit card.
Youve found a trustworthy site with a secure checkout page. Now youre ready to pay -- with what? Check, money order, debit card, credit card, cash or Monopoly money?
We got a resounding answer from the experts: Credit cards are the safest method for online purchases.
"The last thing you want to use is a debit card," Stickley says. "Most credit cards have protection on them -- if someone rips you off, you can dispute the charge. Debit cards pull money right from your bank account. It can take months to get your money back, if you ever see it again."
The beauty of using a credit card is that its not just your money on the line -- its the creditors money, too. "If you have a problem with your transaction, the credit card company will go to bat for you to resolve it," says Ingram.
According to the Federal Trade Commission, federal law limits your liability to $50 in charges, should someone use your credit card fraudulently.

Another option is making purchases through a third-party escrow service such as PayPal. Paypal Buyer Protection covers qualifying eBay purchases for up to $1,000 at no additional cost to buyers, helping to guarantee your purchase.
After any sale, be sure to print and save all of your receipts and e-mail confirmations in case of a dispute.
Credit shy?
If you are reluctant to give out your credit card number over the Internet, you have alternatives. Some card companies such as Discover Card, Bank of America and Citi offer a secure online account number service -- a virtual credit card or virtual account number.
Discover Card says since they first offered secure online account numbers theyve "had no incidences of credit card fraud or identity theft in situations where hacking has occurred."
By providing merchants with a special credit card number instead of your real number, your actual Discover account number is never exposed to scammers. Check with your credit card company to see if they offer this type of security feature.
Another security feature on the horizon is a one-time-use password token. The technology has been developed, but its not in widespread use yet. To protect yourself, be wise in your choice of passwords. Use a combination of letters and numbers difficult to guess, says Chris Young, senior vice president and general manager of the consumer solutions division at RSA Security, a company that has developed password tokens. Dont use a word or number someone else could figure out, such as your birthday or dogs name. Change your password frequently.

6. Suspect the suspicious.
If youre at the checkout page and the site asks for your date of birth and Social Security number, be very careful.
"This combination can give people enough information to start applying for new credit cards in your name," Branigan says. Whats scarier is the ease with which drivers licenses can be purchased overseas -- they can be purchased for as little as $100. If that scares you, remember a simple rule of thumb: If anything seems suspicious, call the company and ask questions.
Also be wary of sending out credit card information via e-mail or instant messaging, says Branigan. Neither is encrypted. Copies can remain on your mail server as well as theirs. Since you cant control whos looking at your information, stick to the sites secure transaction page.
The final word:
Moment of truth: Is online shopping safer than shopping offline? The experts offer a silver lining to the cautionary warnings against online identity theft and credit card fraud.
People should be aware that as long as they are dealing with reputable companies, online transactions are far more secure than the face-to-face transactions people perform every day, says Stickley.
Online transactions eliminate the middle man, such as the waiter who processes your credit card payment, so there are less people who physically see your private information.
Consumers who research companies before making purchases, watch for warning signs of fraud, use credit cards for purchases and keep receipts should be relatively safe.

Thank you