How to shop safely online

Black Friday and Cyber Monday are two of the biggest shopping events of the year, offering exciting discounts and deals across a wide range of products. While these sales can be a great opportunity to save money, it’s also an opportunity to fall victim to cybercrime.

The increase in BYOD (bring your own device) and remote work arrangements have led to more and more employees using their own devices at work, giving potentially easy access for cybercriminals to the company networks.

1. Be phishing aware

Are you confident that your staff know how to identify a dodgy text or email? With 38% of all data breaches notified being attributable to human error, ensuring that your staff are well educated on protecting themselves online and making sure that they are acting safely online is more important than ever.

During busy sales periods, online scammers prey on the vulnerability of shoppers who are seeking a good deal. Before clicking anything in an email or text message (no matter how good the deal!), we encourage:

  • Check the ‘From’ email – The email should generally follow normal email address protocol and use the domain of the retailer’s website. For example, an email from Coles Supermarkets will be from  Fake addresses often have spelling errors, will be sent from a public email domain like, or may even have a string of numbers or letters:
  • Check links – It can be sometimes difficult to tell if a link is legitimate. Particularly on a text message where a shortened link may have been used:
  • To get around this, on a computer you can hover over a link or button with your mouse to see where it is leading to.  On a mobile device, hold down on the link or button and a pop-up will appear containing the link.  If it’s clearly not the retailer’s website or you’re unsure – delete the communication!
  • Look for bad spelling or grammar – often phishing emails or texts will have errors throughout.

The safest thing that you can do is open a web browser and searching for the retailer direct.  This should ensure that you end up on their actual website, and you’re not being redirected to a false, insecure website.

2.  Verify website security

One of the first things online shoppers should do when looking to transact online is to verify the security of the website they are visiting.  This can be done through looking for the padlock, checking the web address, and using Google’s safe browsing technology.

Look for the padlock & check HTTPS

Before making a purchase, check for the padlock icon in the website’s address bar.  This small padlock symbol is a clear indicator that the site is using a secure, encrypted connection (HTTPS) to protect your data. If the padlock is missing or the website starts with “HTTP” rather than a “HTTPS”, proceed with caution.

Use Google’s Safe Browsing technology

Google Transparency Report’s Safe Browsing site status is a valuable tool that you can use to help assess the safety of a website.  It examines billions of addresses per day, looking for unsafe websites so it is able to inform you if a particular site has been flagged for phishing or malware.  Simply enter the website’s URL (address) in the tool, and it will provide you with information about the site’s safety status.  If the site is marked as unsafe, avoid making any transactions.

3.  Research the retailer

Before making a purchase with a retailer, especially one that you may not be familiar with, it’s essential that you take the time to verify their authenticity.

Here are some steps to take:

Google the business

A simple Google search of the business name can yield valuable information.  Look for results that confirm the legitimacy of the business, such as news articles, customer reviews, their social media channels, and the listing for their official website.  If you can’t find anything, consider this a red flag.

Check online reviews

Online reviews can provide insights into the experiences of other customers with the retailer.  Don’t rely on the reviews on their actual website, instead look to third-party platforms such as Yelp, Trustpilot, or Google.  Pay attention to the overall rating, how many reviews in total they have, as well as any specific comments about the quality of products, their customer service, and the reliability of delivery.

If a business has only very few reviews, and/or negative reviews that have been left unanswered, this could be a sign to move on and purchase elsewhere.

Social media verification

Social media is a cornerstone marketing tool for most online retailers, so you would expect them to have active social media profiles for their businesses.  Visit their channels on Facebook and Instagram to check for recent posts, interactions with customers, and the overall authenticity of their online presence.  If a business has little to no social media activity, such as no recent posts, minimal followers and engagement, it could be a cause for concern.

4.  Ensure secure payment methods

Your choice of payment method can significantly impact the security of your online shopping experience.  Here are some ways that you can make your payment secure:

Check the company’s contact information

Legitimate retailers provide clear and accurate contact information, including a physical address, phone number and an email address.  Make sure this information is available on the website and matches what they present on their social media channels too.

Use PayPal if available

Whenever possible, opt for using PayPal as your payment method.  PayPal offers an additional layer of security by acting as an intermediary between your financial institution and the retailer.  They offer a robust dispute resolution process in case of any issues with your purchase.

Beware of too-good-to-be-true deals

Whilst Black Friday and Cyber Monday are known for amazing discounts, be cautious of deals that seem too good to be true.  Scammers often use extremely low prices to lure unsuspecting shoppers.  If a deal seems too incredible, do some additional research and consider the authenticity of the website.

If you’re concerned about cybersecurity within your business, or if you’d like some employee training to help provide a safety net for your business, please contact the Calvert Technologies team today.

Contact our CET Team today
for a complimentary assessment and consultation