Fact Sheet 23:
Online Shopping Tips:
E-Commerce and You
Send to Printer
Privacy Rights Clearinghouse
- Shop at Secure Websites
- Read the Website's Privacy and Security Policies
- Be Aware of Cookies and Behavioral Marketing
- What's Safest: Credit Cards, Debit Cards, or Checks?
- Disclose Only the Bare Facts When You Order
- Keep Your Password Private
- Be Aware of Dynamic Pricing
By clicking a mouse or touching a screen, shoppers can buy nearly any product online -- from groceries to cars, from insurance policies to home loans. For many, the internet has taken the place of shopping at the mall.
Just as shoppers should take measures to protect themselves in brick-and-mortar retail stores, online shoppers also need to take sensible precautions. This guide offers advice on how to make your online shopping safe.
How can you tell if a website is secure? Secure sites use encryption technology to transfer information from your computer to the online merchant's computer. Encryption scrambles the information you send, such as your credit card number, in order to prevent hackers from obtaining it while in transit. The only people who can unscramble the code are those with legitimate access privileges. Here's how you can tell when you are dealing with a secure site:
- If you look at the top of your screen where the website address is displayed, you should see https://. The "s" that is displayed after "http" indicates that website is secure. Often, you do not see the "s" until you actually move to the order page on the website.
- Another way to determine if a website is secure is to look for a closed padlock displayed on the address bar of your screen. If that lock is open, you should assume it is not a secure site.
You will want to think about the sensitivity of the data that is being compiled about you when you shop online. We cannot prescribe the best approach to take. Every consumer has a different interpretation of what is considered “sensitive.”
Online merchants as well as other sites watch our online activities by using cookies, a tracking system that attaches pieces of code to our internet browsers to track which sites we visit online.
Privacy advocates worry that as more and more data is compiled about us — without our knowledge or active consent — it will be combined to reveal a detailed profile. This data is often collected to market goods and services to us, encouraging us to buy them. There are a number of companies that specialize in targeted online advertising called "behavioral marketing." Companies say consumers benefit by being exposed to more targeted advertising and that online merchants can make more money more efficiently by targeting the right shoppers.
5. What's Safest: Credit Cards, Debit Cards, or Checks?
The safest way to shop on the internet is with a credit card. In the event something goes wrong, you are protected from unauthorized charges under the federal Fair Credit Billing Act. You have the right to dispute charges on your credit card, and you can withhold payments during a creditor investigation.
Make sure your credit card is a true credit card and not a debit card. A debit card can expose your bank account to thieves. Your checking account could be wiped out in minutes by fraudulent transactions.
Using only one of your credit cards for online purchases can make it easier to spot fraudulent activity. Likewise, turning on text message or email alerts from your card issuer can be a great way to quickly detect fraudulent purchases.
Online shopping by personal check leaves you vulnerable to bank fraud. Sending a cashier's check or money order doesn't give you any protection if you have any problems.
Never pay for online purchases by using a money transfer service. You could be transferring cash to a fraudster. Scammers will ask consumers to send them payment using a money transfer service such as Western Union or MoneyGram because they can get your cash fast and it’s difficult to trace. Legitimate sellers normally do not ask consumers to send payment that way. Money transfer services should only be used to send money to people that you know well, not to unknown sellers of merchandise online.
When placing an order, there is certain information that you must provide to the merchant such as your name and address. Often, a merchant will try to obtain more information about you. They may ask questions about your leisure lifestyle or annual income. This information is used to target you for marketing purposes.
Don't answer any question you feel is not required to process your order. Often, the website will mark which questions need to be answered with an asterisk (*). Should a company require information you are not comfortable sharing, find a different company that sells the product.
Providing your Social Security number is not a requirement for placing an order at an online shopping site. There is no need for the merchant to ask for it. Giving out your Social Security number could lead to having your identity stolen.
Many online shopping sites require the shopper to log in before placing or viewing an order. The shopper is usually required to provide a username and a password. Don't have your computer or device remember your password if a website has your payment information or other personal data.
Never reveal your password to anyone. When selecting a password, do not use commonly known information, such as your birthdate, mother's maiden name, or numbers from your driver's license or Social Security number. Do not reuse the same password for other sites, particularly sites associated with sensitive information. The best password has at least eight characters and includes numbers and letters.
Some online retailers use dynamic pricing to engage in price discrimination by charging different prices to different consumers for identical goods or services. When you purchase goods or services online, you may be paying a higher or lower price than another online customer buying the same item from the same site at the same time. While online shopping enables consumers to easily compare prices, it also allows businesses to collect detailed information about a customer's purchasing history and preferences. Online stores can use that information to customize the prices they charge you.
While dynamic pricing has existed for a long time for time-sensitive products such as airline tickets, hotel room reservations, and rental cars, it’s difficult to justify the use of dynamic pricing for goods and services that are not of a time-sensitive nature.
Online merchants can easily implement dynamic pricing by placing cookies on a customer’s computer which will track the user’s past interactions with the site. By using this information, sites can customize their interactions based on your past activities. Online stores can read the cookies on your browser to determine what products or services you searched for and bought and how much you paid for them. This information helps them to predict how much you might be willing to pay for a product or service.
There are several ways that you may be able to defeat dynamic pricing. Obviously, do not log in to a site before you obtain a price quote. Be sure to clear the cookies from your browser before you visit a site. Utilize price comparison sites that check prices from multiple vendors. Finally, if you do log in to a site, try leaving items in your shopping cart for a few days, to see if the merchant offers any discounts.
Federal Trade Commission, Shopping Online
American Bar Association, Safe Shopping
Browse Privacy Topics
Background Checks & Workplace
Banking & Finance
Credit & Credit Reports
Harassment & Stalking
Identity Theft & Data Breaches
Online Privacy & Technology
Privacy When You Shop
Public Records & Info Brokers
Social Security Numbers
Who We Are
We are a nationally recognized consumer education and advocacy nonprofit dedicated to protecting the privacy of American consumers.