Navigation skipped

8 Tips for safe online shopping

The convenience of online shopping often comes with concerns about security. Get our tips for safe online shopping before you place your next order.

Updated December 24, 2020
6 min. read

Shopping online has changed the way we buy things. To many, the internet has become the go-to place for clothes, furniture, office supplies and much more. According to a report by Statistics Canada, Canadians spent nearly $33 billion shopping online in 2019.

The COVID-19 outbreak has also led to more people choosing to shop online instead of in-store. By the end of May 2020, online sales reached $3.9 billion in a single month—a record-breaking 110.8% increase compared to May 2019.

If you’re a frequent online shopper, you understand the ease, convenience and speed of online shopping. A simple search gives you access to pretty much everything you’re looking for, often available for next-day delivery.

But while online retail continues to grow, fraudsters continue to find new ways to take advantage of shoppers trying to find the next best deal. Still, there are steps you can take to protect yourself.

1. Limit your online shopping to reliable retailers

How can you tell if a website is trustworthy or not? Seeing a locked padlock icon and “https” in the URL is a good first step. If you enter a site that doesn’t have these two things in the address bar, your data is at greater risk of being shared with a malicious entity.

There are also a few extra security steps that you should take when you visit a site:

  • Make sure the URL is correct and has no spelling mistakes. Scammers will try to take advantage of you typing in a hurry and misspelling a word in the URL to direct you to a fraudulent site. They’ll even go as far as making a fake website look exactly like a real one to get you to share your information.

  • Check the site’s security certificate. Click on the locked padlock icon and select “Certificate” from the menu. Under the “General” tab, find the “Issued to” field. If the name of the site matches the address in the “Issued to” field, the site isn’t fraudulent.

2. Create unique passwords for your accounts

Although it’s convenient to use the same password for every account you have, choosing a unique password for each account will go a long way in protecting you online. The stronger the password, the harder it is for fraudsters to guess.

As a rule of thumb, a strong password ranges between 8 to 30 characters and combines:

  • letters (uppercase and lower),

  • numbers,

  • and special characters (like $,#, @, !, %, &, *).

If you’re having a hard time keeping track of your passwords, consider using a password management app that stores and autofills your login credentials whenever you need to sign in to an account.

Remember: Change your passwords every 90 days and don’t reuse old passwords.

3. Question unbelievably good deals

Everyone loves a good deal. People rush to place orders on things that are heavily discounted online. However, if the price seems too good to be true, it most likely is.

Not sure how to spot a fake deal online? Look for these warning signs:

  • The site asks you to pay upfront in order to unlock the deal or receive a discount coupon.

  • You can’t pay with a secure method like your debit card, credit card or payment apps.

  • The site has a vague or nonexistent return/refund policy.

For example: If you notice a website is offering luxury brands of jewellery, clothes, or electronics for incredibly cheap prices, know that there’s a chance you’re paying for a defective item or an item you won’t receive at all. You also may not be able to get refunded for the item if you contact the seller.

4. Safeguard your devices and internet browsers

If you happen to miss the signs of an unsafe website, set up your device and internet browser to do the work for you. You can install security software for your computer, phone and tablet to get alerts whenever you enter a harmful site or click on a malicious popup. As for your browsers, we recommend you choose strong security settings and install the latest updates as soon as they’re available.

Here’s a cool little tidbit: As a BMO customer, you get access to security software for your devices from our leading tech partners.

5. Avoid online shopping in public

Public WiFi is every fraudster’s best friend. Shopping online while connected to a public network can be risky because there’s no guarantee on who’s running it and who can access it. Fraudsters can pose as the café, restaurant, or mall you’re in to trick you into joining their network and get a hold of your information.

Cybercriminals can also intercept your online activity when you connect to public WiFi. This includes your emails, browsing history, social media accounts and login credentials, which could compromise your private details.

Stick to your personal WiFi or your mobile data when shopping online to keep your info safe.

“If you notice a transaction you didn’t make on your bank statement, contact us immediately.”

6. Use mobile payment apps

Mobile payment apps (or digital wallets) like Apple Pay and Google Pay are considered more secure for online shopping than directly entering your card details at checkout. This is mainly due to these apps’ tokenisation mechanism that’s specifically designed to prevent credit or debit card fraud online.

So how does tokenisation work?

Mobile payment apps use a unique one-time code (or “token”) to process online transactions without revealing your account details to the retailer. This means you don’t have to enter your card number when checking out, and instead, the app uses the token it generates as a way to represent your card.

Your actual account number is held in a secure token vault and won’t be shared with the store. So even if the transaction is intercepted by a fraudster, they’ll only be able to access this temporary token and not your real card information.

Keep in mind: If you’re using a payment app on your phone, be sure to restrict the permissions of other apps so that they can’t access your private and financial info from your digital wallet. Also, be sure your phone passcode is secure!

7. Be aware of what you share

Be suspicious of online stores that ask you to provide your date of birth, Social Insurance Number (SIN), or other confidential information they don’t need to sell you a product.

Keep in mind that some online stores might ask you for additional info through a series of challenge questions that you’ve personally set up beforehand. Only you will know the answer to these questions and they’re simply used as a way to verify your identity when you sign in to your account.

8. Keep tabs on your online banking transactions

Be sure to check your bank statements regularly. If you notice a transaction that you didn’t make on your bank statement, it might be a sign of fraudulent activity and you should contact your bank immediately.

You can also set up alerts from your bank to get notified whenever a transaction is made with your card.

As more retailers and customers rely on online shopping, there’s no doubt that the internet has become the place to buy and sell things. Still, it’s important to be proactive about your security. If you have any suspicion about a website, leave it and shop somewhere else. At the end of the day, trust your gut and be smart about where you enter your card details to get the most out of your online shopping.

Unusual activity on your account?

Let us know

Report Fraud

Related articles

Travel tips for keeping your personal and business info safe

Need to travel for a business trip? Keep these tips in mind to make sure confidential information you carry with you is safe in transit.

Have questions?