Many client shop from the comfort of their homes – or from their phones on the go. But while they may avoid mayhem in the malls, shopping online comes with its own risks.
Clients should be sure their virus software and firewalls are up to date, but doing so doesn’t guarantee they’re protected from online fraud.
David Malamed, partner, Forensic and Dispute Resolution, Grant Thornton LLP, offers five tips that’ll help ensure clients’ cyber-shopping doesn’t lead to an identity theft nightmare.
#1. Major retailers
Despite recent examples of major breaches, it’s still best to stick to major retailers, which typically have more thorough security measures.
#2. Go direct
Avoid accessing retailer websites via hyperlinks in promotional emails, even if you buy from them frequently. Instead, manually type the URL into the address bar, or do a Google search for the retailer, and access the webpage from the search results.
Malamed explains fraudsters are getting very good at replicating major retailer’s logos and email communications. Even web-savvy clients can be fooled by a well-designed phishing email. All it takes to compromise a computer, he says, is for a client to click a link in a seemingly legitimate email.
#3. No important info via email
No reputable retailer will ask a customer to send sensitive account information, such as usernames, passwords and credit card numbers, via email. Clients should do account maintenance on the retailer’s website.
#4. Check that address
No matter how clever fraudsters may be, they can’t replicate a retailer’s email or web address. But that doesn’t keep them from trying to get as close as they can. For example, they may alter a letter or two in the spelling of the company’s name within the URL or email address. It’s a giveaway, but only if clients carefully check the URL or email address.
#5. Pay protected
Tell clients to pay with major credit cards or reputable payment services such as PayPal, as they often limit your liability if you’re scammed.