Some security advice to help protect British shoppers against cyber-crime has been released as we head online for the basics:
Internet shopping specialists from NetVoucherCodes.co.uk have revealed their 13 top tips to help UK consumers stay safe when shopping on the web in the wake of the coronavirus pandemic.
From using a credit card and keeping software up to date, to writing down complicated passwords and making up answers to security questions, online shoppers could avoid becoming a cyber criminal’s next victim by following the guidance.
A spokesperson for NetVoucherCodes.co.uk said: “With more and more Britons heading online to shop for the essentials, it’s important to take online security even more seriously.
“Browsing the web can be a security minefield for consumers – a computer virus, hacker or fraud could be just one click away.
“So to help Brits shop online with greater peace of mind, we’ve revealed the different measures you can take to stay safe when buying something on the internet.”
Here is the NetVoucherCodes.co.uk advice:
1. Use a credit card
If you purchase online using a debit card and it turns out to be a scam there’s usually no way to retrieve your money, but fraudulent charges must be reimbursed by credit card companies.
Check your statements regularly, just in case a purchase you didn’t make gets through the card provider’s safety net and you need to dispute it. This could also help if a purchase is shows up different to what you ordered, damaged or doesn’t arrive at all.
2. Make up security answers
When creating an account with online shopping sites, you might be asked to set up password reset security questions to confirm your identity.
Rather than entering the real town you were born in or mother’s maiden name, enter false answers and write them down if you can’t remember. This makes it much harder for cyber criminals who might be trying to gather information on you.
3. Only fill out required fields
Don’t offer up any more personal information that is necessary to complete an online purchase.
The required fields are usually starred or highlighted when checking out – it’s usually wise to leave the rest blank.
4. Never save information
Allowing even the most reputable of websites to store your payment or address information is unnecessary.
Don’t say yes when your browser suggests saving any passwords either and always log out when you’ve finished shopping.
5. Change passwords often
Regularly change between complicated, hard to guess, alphanumeric passwords that also contain symbols, even if you have to write them all down somewhere secure at home. Keep them different for each site you use too.
Using the same, simple but memorable password for every website for years, such as a pet’s name, is asking for trouble when online shopping.
6. Look for security indicators
A web address (or URL) that begins with ‘HTTPS’ are secure – those without the ‘S’, ‘HTTP’, may not be.
Other signs of shopping site security to look out for could include a closed padlock or complete key, possibly green, alongside the URL, next to the search bar or elsewhere around the screen.
7. Avoid public Wi-Fi
Entering personal information such as credit card details, passwords or home address while using free public Wi-Fi hotspots is dangerous as your data won’t be protected by encryption and could vulnerable to hackers.
8. Update your computer
Using an older version of a popular internet browser, operating system or anti-virus software on your computer means that you’ll be missing out on important security updates, which could leave you exposed when browsing the web.
9. Be extra careful on mobiles
Most mobile phones won’t have the same level of anti-virus protection as laptop or desktop computers so extra vigilance is required, particularly around shortened mobile-friendly URLs.
Mobile devices are also more likely to be stolen, so make sure any payment details are passcode or fingerprint protected.
10. Avoid email links
Rather than clicking on potentially suspect links to shopping sites that you see on social media, other websites or in emails, search for the website yourself.
This helps to make sure you browse the authentic site. If you’re getting a lot of spam emails, consider setting up a dedicated online shopping only email address.
11. Leave badly designed websites
If a shopping site appears to be out of date, has a strange URL, comes with lots of pop ups, or is dominated by cheap, irrelevant or overseas adverts, the page could be dodgy and worth exiting before it’s too late.
12. Research and read reviews
When considering spending on a new site that you haven’t used before, it can be useful to browse forums and social media to see what experience others have had of shopping there.
If you can find a real physical address and verifiable contact details for the company you intend to make a purchase from, they’re probably legitimate.
13. Trust your instincts
Just as you would when shopping on the high street, if you feel like a website is requesting too much personal information or could harm your computer with viruses, close it.
If in any doubt, stick to shopping with sites you know and trust.
Remember, if a deal looks too good to be true, it probably is.
Which? – Coronavirus email and text phishing scams
Phishing and smishing emails and SMS messages are already being sent out to trap the unwary into giving up login details.
One we’ve seen is an email that claims to come from the World Health Organization. It’s short and sweet, asking that you click on a link to what it says is a PDF offering advice on how to stay safe during the outbreak.
Security firm Sophos has a detailed breakdown of what happens if you click on that link, but broadly it shows you a pop-up in front of what looks like the WHO’s actual website asking you to input your email address and password so that you can receive the non-existent PDF.
Other phishing emails and SMS messages (known as ‘smishing’ texts) are also doing the rounds: Action Fraud has warned that emails purporting to be from organisations including the US Centers for Disease Control and the WHO are being sent with the aim of tricking you into opening malicious attachments or giving away your passwords.
The latest email and text phishing scams:
Fake lockdown fines
People have been warned not to fall for a bogus text message saying they have been fined for stepping outside during the coronavirus lockdown. The scam message claims to be from the Government, telling the recipient their movements have been monitored through their phone and they must pay a fine or face a more severe penalty.
HMRC goodwill payment
The MET police are warning of a fake message designed to steal your account details that says ‘As part of the NHS promise to battle the COV-19 virus, HMRC has issued a payment of £258 as a goodwill payment’.
Free school meals
The Department for Education has issued warnings about a scam email designed to steal your bank details saying: ‘As schools will be closing, if you’re entitled to free school meals, please send your bank details and we’ll make sure you’re supported.’
Conspiracy theories and misinformation
Another email we’ve seen is full of doom-laden warnings that ‘There is no vaccine for coronavirus’ and that ‘the US government, like the Chinese government, isn’t telling us the truth about how many are infected’. That email is full of links. While we’ve only seen screenshots of this, it seems likely that these links will lead you to either phishing sites or, worse, sites that can infect your computer with malware.
Sophos has also reported on emails that – for now – are targeting Italian email addresses and which include a Word document that purports to offer guidelines for preventing infection, but which in fact harbours a malicious script that infects Windows computers with a banking Trojan, i.e. malware that aims to steal online banking credentials.
So watch out for emails that include attachments.
Read the Which? guide on how to spot a phishing scam for more information:
Read more: https://www.which.co.uk/news/2020/03/coronavirus-scams-how-to-spot-them-and-stop-them/
