Just as shoppers should take measures to protect themselves in brick-and-mortar stores - such as protecting their PIN numbers when checking out and not leaving purses or wallets unattended - online shoppers also need to take sensible precautions.

This guide offers advice on how to make your online shopping experience enjoyable and safe.

Shop at Secure Websites

How can you tell if a Website is secure? It uses encryption technology to transfer information from your computer to the online merchant's computer. Encryption scrambles the information you send, such as your credit card number, in order to prevent computer hackers from obtaining it en route. The only people who can unscramble the code are those with legitimate access privileges.

You can tell when you are dealing with a secure Web site in several ways:

  • First, if you look at the top of your screen where the Web site address is displayed, you should see https://. The "s" that is displayed after "http" indicates that the Website is secure. Often, you do not see the "s" until you actually moved to the order page on the Web site;
  • Another way to determine if a Web site is secure is to look for a closed padlock displayed at the bottom of your screen. If that lock is open, you should assume it is not a secure site;
  • The third symbol that indicates you are on a secure site is an unbroken key.

Of course, transmitting your data over secure channels is of little value to you if the merchant stores the data unscrambled. You should try to find out if the vendor keeps the data in encrypted form. If a hacker were able to break in, they could not obtain your credit data and other personal information. Be sure to read the merchant's privacy and security policies to learn how they safeguard your personal data on their computers.

Research the Website before You Order

Do business with companies you already know. If the company is unfamiliar, do your homework before buying their products or services. If you decide to buy something from an unknown company, start out with an inexpensive order to learn if the company is trustworthy.

Reliable companies should advertise their physical business address and at least one telephone number, either customer service or an order line. Call the telephone number and ask questions to determine if the business is legitimate. Even if you call after hours, many companies have a "live" answering service, especially if they don't want to miss orders. Ask how the merchant handles returned merchandise and complaints. Find out if it offers full refunds or only store credits.

Read the Web Site's Privacy and Security Policies

Every reputable e-commerce Web site offers information about how it processes your order. It is usually listed in the section entitled “Privacy Policy.” You can find out if the merchant intends to share your information with a third party or affiliate company. Do they require these companies to refrain from marketing to their customers? If not, you can expect to receive “spam” (unsolicited email) and possibly even mail or telephone solicitations from these companies.

You can also learn what type of information is gathered by the Web site, and how it is - or is not - shared with others. The online merchant’s data security practices are also often explained in the Privacy Policy, or perhaps a separate Security Policy.

Look for online merchants who are members of a seal-of-approval program that sets voluntary guidelines for privacy-related practices, such as TRUSTe (www.truste.org), VeriSign (www.verisign.com), or BBBonline (www.bbbonline.org).

Be Aware of Cookies and Behavioural Marketing

Online merchants as well as other sites watch consumer shopping and surfing habits by using "cookies," an online tracking system that attaches pieces of code to our Internet browsers to track which sites we visit as we search the Web.

"Persistent" cookies remain stored on your computer while "per-session" cookies expire when you quit your browser. Online merchants use cookies to recognize you and speed up the shopping process the next time you visit. You may be able to set your browser to disable or refuse cookies but the trade-off may limit the functions you can perform online, and possibly prevent you from ordering online.

There is an on-going debate about this as some consumers are questioning if their behavioural marketing profile can be shared with others without their permission. Some have suggested an “opt-in” option for this before collecting or sharing any personal information about them, such as their computer's IP number. Another recommendation is a “Do Not Track" list for those who do not wish to be followed online, patterned after the widely used Do Not Call list.

What's Safest: Credit Cards, Debit Cards, Cash, or Checks?

The safest way to shop on the Internet is with a credit card. You have the right to dispute charges on your credit card, and you can withhold payment during a creditor investigation. It is recommended that you obtain one credit card that you use only for online payments to make it easier to detect wrongful credit charges.

Disclose Only the Bare Minimum of Facts When You Order

When placing an order, there is certain information that you must provide to the web merchant such as your name and address. Often, a merchant will try to obtain more information about you. They may ask questions about your leisure lifestyle or annual income. This information is used to target you for marketing purposes. It can lead to "spam" or even direct mail and telephone solicitations.

Don't answer any question you feel unnecessary to process your order. Often, the Website will mark which questions need to be answered with an asterisk (*).

Keep Your Password Private

Reputable e-commerce Websites require the shopper to log-in before placing or viewing an order. The shopper is usually required to provide a username and a password. Never reveal your password to anyone. When selecting a password, do not use commonly known information, such as your birth date, mother's maiden name, or numbers from your driver's license or Social Security number. Do not reuse the same password for other sites. The best password has at least eight characters and includes numbers and letters.

Check the Website Address

Above the web site at the top of your screen is a rectangular window that contains the web site address (also called the URL - Uniform Resource Locator). By checking that address, you can make sure that you are dealing with the correct company.

Don't Fall for "Phishing" Messages

Legitimate businesses don’t ask for sensitive information via email, so don’t respond to any request for financial information that comes to you in an email. Again, don’t click on any links embedded within such suspicious emails, and always call the retailer or financial institution to verify your account status before divulging any information.

Always Print Hard and Soft Copies of Your Orders

After placing an order online, you should receive a confirmation page that reviews your entire order. It should include the cost of the order, your customer information, product information, and the order confirmation number. It is recommended that you print out at least one copy of the Webpage(s) describing the item you ordered as well as the page showing company name, postal address, telephone number, and legal terms, including return policy. Keep it for your own records for at least the period covered by the return/warranty policy.