I am writing this because I need a refresher course in how to shop online. I recently made some mistakes. I was in a hurry, and my credit card information was stolen. It's embarrassing when the bank calls, asking if I really want a paid subscription to a Web site of ill repute.
The bank closed the account and sent me a new credit card, no big deal. Or so I thought. I managed to forget about the monthly charges associated with the card. Enlightenment came when I received a call from my YMCA representative. She wanted to know why the charges were not going through. Oops.
Recently, I've been writing quite a bit about debit/credit card scams. So it seemed like a good idea to cover the risks of online shopping and share what I learned from my research and my real-world teaching moment.
1: Use a credit card provider that offers one-time credit card numbers
This is where I got sloppy. I normally use a credit card provider that offers one-time numbers. But I was in a hurry and didn't. What I gained at the moment was lost times 10 when I had to clean up my mess. Using my one-time credit card number would have removed any possibility of someone reusing the stolen information.
2: Make sure the Web site is valid and trustworthy
I recently wrote a piece on Blackhat SEO and how criminals are subverting real Web sites with malware or creating believable copies of real Web sites loaded with malware. I suggest using one or more of the site-rating Web-browser extensions. If the site is problematic, you will know.
3: Check to see whether the Internet connection is secure
This may seem obvious, but people get lulled into complacency. I have to remind myself to double-check that a closed padlock is displayed, that https is used, and that the certificate is valid -- ideally, an EV certificate. Each Web browser uses a slightly different approach, so make sure you understand how your browser advertises secure Internet connections.
4: Beware of deceptive or disguised offers
Last year, I wrote an article about coupon-click fraud and how people were unknowingly signing up for programs or offers they did not want. When you're filling out the information required to make an online purchase, carefully read what all the check boxes represent, regardless of whether they're selected. Opt-in and opt-out wording may be interchanged.
5: If actively shopping on the Internet, check often for unusual debit/credit card transactions
This tip is important. In almost all cases, discovering fraudulent charges early will lessen the impact of the problem. In fact, financial institutions usually absorb the charges if they're reported within a few days. So check often and know the liability limits used by your debit/credit card provider.
Extra tip: Call the order in if there is any doubt
Sounds simple enough, but many people don't think of it. If I have any concerns at all, I will call the order in. The company may still have problems, but you don't have to worry about its Web site being malicious or phishing for your financial information.
Another extra tip: Keep track of monthly or revolving debit/credit card charges
I now have a list of all my monthly charges, like the YMCA. I hope I won't need it, but if my credit card information is compromised again, I will know who to contact.
I got caught, giving convenience the nod over security. The above advice should prevent a reoccurrence. I hope l take it.
Michael Kassner is currently a systems manager for an international company. Together with his son, he runs MKassner Net, a small IT publication consultancy.