It’s hard to say anything bad about online shopping. Prices are right and deals abound. The selection can’t be beat. Shipping is fast and easy. And it can all be done from the comfort of home (or the office), far away from the mayhem and frustrations of stores, especially around the holidays.

According to a survey of US shoppers done by, around 54% of US consumers will do the bulk of their holiday shopping online this year. More generally, around 70% of Americans and Brits regularly shop online. And on the European mainland, more than 53% of consumers used online channels in 2015. All told, retail e-commerce will approach $2 trillion globally by the end of 2016.

Where there’s money – there’s crime.

When it comes to online theft, stolen credit card numbers are just the tip of the iceberg. Criminals also spoof popular websites to lure in deal-seeking shoppers. They launch Wi-Fi hotspots that look legitimate to gain access to your PC or smartphone. They promise incredible savings through email phishing attacks. They use pop-up ads and drive-by downloads to install key loggers that collect passwords and account information. And they hit you with scareware, fake coupons, and false shipping notices designed to get you to click, reply, or call a number.

But their success almost always depends on your carelessness. Which means there are things you can do to be safer when shopping online. That’s why we’ve assembled a list seven tips that should greatly reduce your risk of being had.

1. Stick to trusted brands and sites

Despite high-profile credit card breaches at place like Target and TJ Max, the big names in retail go to great lengths to secure their sites or mobile apps. Just be sure to always double check that the name is spelled right in the URL (so “” not “”), that the app comes from an official corporate site or an app store and is clearly labelled, and that the logo and colors match the brand.

If you plan to stick with browsers, make sure they use SSL (Secure Socket Layer) encryption. This creates a secure line of communication between your PC and the ecommerce site. Just look for the “S” at the end of HTTP in the address bar of your browser. (It sometimes appears only after you’ve logged in or clicked to the cart.) If the “S” is not there, play it safe shop somewhere else.


Look for the "S" at the end of the http.

2. Look out for scams

A warning that your account will be closed unless you send in essential information; that could be a scam. A coupon just for you via email; that’s probably a scam. A chance to be a mystery shopper if you provide bank info, also a scam. That super cute wallpaper with the holiday theme – scam. That package notice that tells you to click here (but doesn’t quite look like UPS) – scam! Those Facebook promotions that take you to external sites – SCAM!

Okay, okay, not everything is a scam, and we want to avoid fearmongering. The key here is to scrutinize any offer, alert, or warning. Deals that look too good to be true, usually are. Anything that asks for personal information or credit cards by email, is very likely criminal. Check the email address of the sender and mouseover any links (but don’t click) to see where they really take you. And pop-up windows NOT from your antivirus provider that warn you that your PC is infected should be closed along with the site that launched them.

Legitimate retailers will never threaten to close your accounts unless you send crucial information. In fact, they will never ask for account or personal information by email (or phone, for that matter). So if you have even the slightest doubts about the probity of emails, messages, pop-ups, websites, offers, and so forth, don’t click, reply, or call. Shut all the windows and move on.

3. Use your own kit

By this we mean hardware and software. Never shop or check email using a PC at a café, hotel, library, or other public location that may be used my multiple people. If you must shop through public Wi-Fi (using only your own device), always use a VPN (virtual private network). A personal VPN such as HideMyAss or AVG Secure VPN, keeps all the data traveling between your device and the retailer’s payment portal encrypted. And if you have a decent data plan and LTE, use your smartphone and your mobile connection rather than public Wi-Fi when out and about.

4. Use a payment method with buyer protection & check for return policies

As convenient as they may be, debit cards should be avoided when shopping online. Credit cards usually offer greater buyer protections, with set limits on how much you are liable for if someone steals your number or rips you off. And online payment systems such as PayPal, Google Wallet, Stripe, and Payoneer provide an extra layer between you and retailers, meaning you never share personal or account information with the retailers.

Meanwhile, legitimate retailers almost always allow returns. Online only retailers usually have a no-questions return policy. Traditional brick-and-mortar retailers often allow you to return items purchased online at physical stores. If return policies do not exist, are hard to find, or in any way convoluted, find another shop.

5. Deploy ultra-strong passwords (and a password manager)

One of the best things you can do to ensure safety while shopping online is also one of the most basic: use a strong password. This applies to all accounts on all sites you access. Don’t repeat passwords or use easy-to-crack variations – that’s right, you need a unique password for each and every account. Given this can mean dozens of passwords that are difficult to remember, we also suggest you use a password manager.

6. Update your system

For Windows, Microsoft regularly issues updates and security patches. To fully implement them, you often need to restart your PC. If you’re like me, you might leave your PC on for days or even weeks at a time (putting your PC to sleep or into hibernation doesn’t count). So it is a good idea to check if any updates are waiting to be installed before you embark on a shopping spree. To do this in Windows 8 and 10, simply go to the Microsoft/Start Menu and type “Windows updates”, then click on the eponymous icon.

Here’s how that looks in Windows 8:

Windows control panel

Just type in Windows update

The resulting Window then lets you check for updates; or it tells you that there are updates waiting and that the PC needs to restart. For instance:

Windows update screen

Make sure you restart your PC!

Make sure you have everything saved and bookmarked before. Then restart.

7. Build a fortress around your PC

If you don’t have antivirus – be sure to get it. Even better, get a paid version that also has spam, hacker, and download protection, such as AVG Internet Security. While this is a shameless plug, it is also a serious suggestion. The added layers of protection can stop scammers from infiltrating your inbox, blocks hacker and checks downloads before they land on your hard drive. Even those that know all the warnings signs have accidentally clicked a link they shouldn’t have because they were tired or trying to do something quickly. So the more safeguards you have in place, the better.

Try AVG Internet Security for FREE


Final thought

As the above list suggests, caution should be your guiding principle for shopping online. If something looks fishy or off, don’t take any chances. Shut everything down, run a virus scan, restart the PC, and start over. The extra bit of effort will make shopping online better, and make it even harder to say anything bad about it.

AVG Internet Security FREE Trial