Online shopping and protecting your data

Shopping online is one of the most convenient things that modern life has afforded us. For shoppers who don’t like the hassle of walking around crowded places or lining up in long queues, online shopping is the best alternative to hitting the high street.

With major shopping periods such as Black Friday, Cyber Monday, the run up to Christmas and of course not forgetting the January sales, scammers are taking advantage of more opportunities to target unsuspecting customers, therefore it’s more important than ever to be vigilant about protecting your personal information when shopping online.

Just as shoppers need to take security measures when shopping in brick-and-mortar stores, online users should also be aware of the risks involved when it comes to online transactions. Ideally, we all think of securing our credit card information, and that’s good. But that’s not the only privacy concern we should think of.

Here are some top tips on how to secure and maintain your privacy and security when shopping online:


Think before you click – Being scammed online could translate to an eventual invasion of your privacy. Spammers will often try to entice you in with tempting offers, click bait descriptions and often convincing phishing scams. Before you click on unverified posts, messages, ads, or emails, think twice and ask yourself “Is this too good to be true?”

How much is too much? - When using an online retailer, stop to think about what details they're asking you to share in order to make a purchase. Are they collecting excess details? Retailers often want to know everything about their customer. but if you think they are collecting irrelevant information, consider what they want this information for. Also take the time to check the company's privacy policy, where they should be stating what information they're collecting, who they may be sharing it with and how long they will keep it for. 

Double-check URLs – Try not to rely on manually typing a URL into your browser, and always double check which site you’re selecting when using a search engine. An incorrect URL can lead you to a phishing scam and cyber criminals have been known to replicate payment pages with fake ones. An easy way to check if the site's payment page is secure is to check the URL starts with “HTTPS” instead of just “HTTP”.

Use an official online shopping app – Mobile shopping accounts for almost 60% of online retail sales in the UK, and more retail businesses are opting to create their own official mobile apps. Ensure you are using the official apps for retailers such as Amazon and avoid third party apps, as these apps could compromise your personal data by recording details such as your email address and passwords for the legitimate shopping app it is trying to emulate.

Always use strong and secure passwords – One of the best ways to help make your online accounts secure is with strong, unique passwords. Use a combination of upper and lower case, numbers and symbols to increase password strength, and don’t use the same password for all of your important accounts. The most hacked passwords are those with sequences & numbers, your own name or those of close family members and pet names. Updating your passwords regularly is also recommended.

Use multi factor authentication – Where possible, multi-factor authentication (MFA) is the next best defence if your password is compromised. Nearly all online banking apps require users to set up MFA and many online retailers will ask you to complete payment through their banking app to confirm it is the card holder making the transaction. Ensure you have these set up to add another level of safety to purchasing items online.

Use a secure network – In 2021, Brits spent on average £275 during Black Friday sales, and £548 on Christmas gifts. You can see why it might be appealing for hackers to target shopping sites and payment apps, so if you’re using a mobile device to pay, make sure that you are using the official payment app, and that you’re accessing via a secure and private network that is less vulnerable to hackers, otherwise you could risk losing your personal data or even a substantial amount of your hard-earned money.