Online shopping is convenient and the preferred way to shop for a lot of Australians. But it comes with a risk.
Cybercriminals often target online shoppers to steal their money or their personal details. They do this through a variety of methods, including setting up fake retailer websites, selling products that don’t exist, asking for personal and payment information they don’t need, and installing malicious software (“malware”) on your device. It is important to be alert and be secure when you are shopping online.
Once a cybercriminal has your financial details and money you are unlikely to get your money back. Not only will you be disappointed your goods never arrived, you will also have lost the money you paid for the goods.
There are many things to think about when using personal devices (e.g. smartphones, tablets, computers and laptops) for online shopping. Follow our security tips to make sure your online shopping experience is secure.
If things go wrong
If you think you’ve been scammed, there is help available. Check out our advice for what to do if you find yourself a victim of a scam.
Online shopping scams can have serious effects
Online shopping scams don’t discriminate. They can affect individuals of any age and businesses of all sizes.
How to shop online securely
The best way to protect yourself while shopping online is to know how to look for suspicious websites and sellers while boosting your protective security measures. There are many things to be aware of while you shop and after you make a purchase.
To help you prepare, we have put together a checklist of the key advice:
Shop using secure devices
Make sure the devices you use for online shopping have the latest updates installed and are connected to a trusted network. For example, use your home Wi-Fi or (4G/5G) cellular rather than public Wi-Fi.
Protect your payment information and accounts
Be careful saving payment information on an online shopping account. If you do save payment information to an account, you should turn on multi-factor authentication (MFA) to protect it. Where this is not possible, set a long, complex and unique passphrase as the account’s password to help keep cybercriminals out. You could also use a password manager to generate and store passwords for you.
Use trusted sellers
Research online shopping websites before you buy and stick to well-known, trusted businesses.
Know the warning signs
Extremely low prices, payments through direct bank deposits, and online stores that are very new or have limited information about delivery, return and privacy policies can all be signs of a scam.
Use secure payment methods
Never pay by direct bank deposits, money transfers or digital currencies such as Bitcoin, because it is rare to recover money sent this way. You should pay by PayPal or with your credit card. You may want to set up a second card with a low credit limit and keep it specifically for online shopping. This will help minimise financial losses if your card details are compromised after shopping online.
Don’t engage, and report suspicious contact
Be aware of any strange phone calls, messages or emails you get about online orders. It could be someone trying to get you to share your personal or financial details. If someone contacts you about an order you don’t remember placing, it could be a scam. Stop contact and reach out to the store using the details on their official website to check.
Watch out for fake delivery scams
Don’t let your guard down while you’re waiting for your goods to arrive. Cybercriminals can send fake parcel delivery notifications with links that could trick you into downloading malware or giving away your personal details. If you receive such a message, do not click on the link. Delete the message immediately. You can contact the seller or the courier company using the details on their official website. Scamwatch has examples of what these fraudulent text messages may look like.
Take additional precautions
It is always a good idea to limit the amount of personal information that you use on websites. Ask yourself if the website really needs this extra information or an account to complete the transaction.
Check out our resources below for more advice on online shopping. You can also visit Scamwatch for more information on online shopping scams.
Download ASD's ACSC's secure online shopping checklist.
What to look for
The best way to stay secure while shopping online is to know how to look for suspicious websites and boost your protective security measures. We have put together information to help you.
While you are shopping
The best way to avoid being a victim of cybercrime is to be informed. It is really important to know how to secure your device and recognise a fake website or scammer.
After you've made a purchase
Once you’ve made a purchase you still need to remain vigilant. Cybercriminals can target you even after you’ve made a purchase on a legitimate website. Learn what to look out for after you’ve bought something online.
If things go wrong
If you think you're a victim of a scam, there are steps you can take to protect yourself from further harm.