Shopping online has benefits: It’s quick, convenient and much less stressful than a trip to the mall. However, it’s not without risks. Nearly half of consumers who shopped online in the past year say they have experienced payment fraud, representing nearly 80 million online shoppers, according to a 2016 American Express survey.

But there are ways to avoid fraud. Follow these tips for safe online shopping.

Protect your passwords

Your login information is the gateway to your personal data, which makes usernames and passwords valuable prizes for thieves.

“They can sell your personal information, use logins to empty your entire bank account, or even open new bank accounts in your name that could damage your credit,” says Jonas Sickler, marketing director for, which offers product recall information and safety-related news.

If you regularly shop on a retailer’s website, using a profile rather than checking out as a guest can speed up the process. But there are precautions you should take first: Create complex passwords and avoid using the same password across multiple accounts. This will help safeguard your other accounts in the event one is breached.

Sickler also recommends that you don’t store your passwords on your smartphone or computer, in case these devices are stolen or compromised. “As inconvenient as it might be,” he says, “The old paper in a drawer is probably the safest way to keep bank account information and passwords safe.”

Use a private network

From coffee shops to airports, free public Wi-Fi hot spots are available practically everywhere. But just because you can shop from almost anywhere doesn’t mean you should.

Not all networks are secure, which means they don’t encrypt your information to prevent others connected to the same network from obtaining it. The Federal Trade Commission recommends switching off the setting on your device that automatically connects it to the nearest Wi-Fi network, so that you don’t risk joining an unsecured one.

Even if the network is secure, having your screen in plain view leaves you vulnerable to potential fraudsters in your vicinity who may be watching your every move. Refrain from entering your credit card information, personal information or passwords while in public.

Think before you click

Cyber criminals use email phishing schemes to trick shoppers into installing malware or divulging sensitive information. These emails contain malicious links or attachments disguised as offers, surveys or inquiries from reputable retailers, banks or charities.

Scammers know that most consumers buy from retailers like Amazon around the holidays, and capitalize on this by sending fake order invoices or shipping updates via email. “You expect you’re going to get a tracking email and you just click it without thinking twice,” Sickler says.

The New York Times reported that harmful parties had posed as popular retailers and released fake apps in Apple’s App Store during the 2016 holiday season. No matter the time of year, always go directly to a familiar seller’s website or trusted app to make a purchase, track your order or update your payment information rather than click on an email link.

Here are some other ways to avoid the phishing traps:

  • Don’t open emails or links from unknown senders.
  • Verify a link by hovering your cursor over it without clicking. The URL will appear at the bottom of your browser.
  • Look for secure site markers, such as a lock symbol next to the URL at the top of the page, and a URL that starts with “https” rather than “http.” The “s” means the site is secure and encrypted.
  • Misspellings are big red flags. Fake emails and app descriptions tend to be riddled with typos, and imposter brands or sites may be off by a character or have letters transposed.
  • Check app reviews and history in the App Store before you download. Apps that claim to be from major companies but have no previous versions, no reviews or overwhelmingly negative reviews are probably not legitimate.

Choose credit over debit

You’ve taken steps to ensure you’re shopping on a secure, authentic page. But once you’re ready to check out, you’ll want to make sure your payment method is safe, too. Credit cards typically offer more protection than debit cards. For example, your potential liability for fraudulent transactions tends to be less with credit cards than with debit.

And if your device supports Apple Pay or Android Pay, consider adding your credit card to your digital wallet for an extra layer of security. These payment methods allow you to use your fingerprint in place of a password, and encrypt your transaction data so that it’s harder for thieves to steal.


Lauren Schwahn is a staff writer at NerdWallet, a personal finance website. Email: Twitter: @lauren_schwahn.