Michigan State University professors offer holiday e-shopping tips

Contact: Lisa Mulcrone, University Relations, Office: (517) 432-0922, Cell: (517) 285-1044, Lisa.Mulcrone@ur.msu.edu

E-mail Editor

Published: Nov. 20, 2007

Story

EAST LANSING, Mich. — JupiterResearch, an Internet research firm, projects that online holiday retail sales will surpass $39 billion in 2007, with the number of Web users who plan to buy online increasing by more than 6 percent compared with last year’s number.

While it's safe to do so, Michigan State University professors Bob LaRose and Nora Rifon, who study consumer privacy and online safety for e-commerce and social effects of the Internet, offer these tips for holiday shoppers going online to buy gifts.

“First, don't be afraid to use your credit card online,” said LaRose, a professor in the Department of Telecommunication, Information Studies and Media. “The real danger comes from the bad guys hacking into the proprietor's Web site after the transaction has taken place. But that is also a problem in the offline world.”

  • Try not to use your debit card online. Credit card companies have policies limiting your liability for purchases made by someone who steals your card or number. That makes credit cards a safer online payment choice than some other methods. Check your credit card’s policy. If your debit card number is stolen, your account can be wiped out.
  • Check for a secure connection for your transaction. Before entering your credit card information, make sure that you are on a secure Web page. The two indicators of this are the URL has an “s” in its address – https: – and a lock icon appears at the lower right of the screen in the browser frame. If either of these is missing, do not enter your credit card number and leave the Web site. The Cybertrust seal is a new program that also verifies that a Web site has a secure connection. Make sure to click on the seal to verify it is real.

In addition:

  • Set up a disposable e-mail account (like Yahoo or Hotmail) that you use only for shopping. Give that out when registering on e-commerce sites to prevent spam in your main e-mail account.
  • Use the disposable e-mail account when registering at a site. Provide only the information that is required. Never supply your Social Security number. Scroll to the bottom of the registration page and make sure to opt out of receiving e-mail for product updates or any other purpose. If you opt in, which is sometimes the default setting; you're setting yourself up for a deluge of spam especially if the site allows sharing with third parties.
  • Set up a PayPal account if you will be shopping at many sites so you won't have to give your credit card number to more than one location.
  • Look for reputable sites. Begin the search with reputable store front sites like http://www.amazon.com, or if you're looking for electronic products – CNET – which maintains ratings of individual vendors.
  • Don’t be a victim of phishing, or e-mail scams or fake Web sites. If you are shopping online, use an Internet browser that has a phish filter, and make sure the filter is turned on. Identity thieves set up Web sites pretending to be reputable sites to phish for information. A phish filter will alert you if you are trying to link to a known phishing site.
  • After the sale, you may receive e-mail that appears to be from the site that you have made a purchase from. But this could be part of a phishing scam to obtain your credit card or Social Security number. So, verify the URL in the message before you click on it, or call an 800 number from the site that you originally visited to verify the legitimacy of the message.

To avoid being tracked or spammed: 

  • Check the privacy settings in the Internet options of your browser. In Internet Explorer, set privacy to “high” to prevent third-party cookies from piling up on your computer. Or if you want to accept cookies to shop, dump them immediately after your session.
  • Read privacy policies. Click on the privacy policy and read it carefully, and if you don’t want spam, avoid sites that mention that they will reserve the right to share or sell your data to third parties.
  • Click on a privacy seal, such as TRUSTe or BBBOnline. You should click on the seal to verify that it leads back to the seal authority and is not a phony graphic. But remember that privacy seals don’t offer the promise of no data collection and sharing. They verify that the privacy policy is considered fair by the Federal Trade Commission and that the Web site will abide by its policy. Read the privacy policy to find out what the Web site will actually do with your personal information.

 To prevent computer infections and avoid malware: 

  • Examine your security settings, and disable “ActiveX” since this is a popular route for introducing malware to your computer. Malware is software that is developed with the intention to damage a computer system.
  • Update your protections: Don’t forget to check if your virus protections are up to date; if they aren’t, install a malware scanner such as Spyware Doctor.

“Remember, it is possible to catch malware simply by visiting a Web site now,” said Rifon, a professor in the Department of Advertising, Public Relations and Retailing. “So be wary of unknown vendors. Before shopping at an unknown site, read the privacy policy and look for third-party seal certifications from a well-known organization such as the Better Business Bureau.”

“Finally, be suspicious of any special offers or warnings from security personnel connected to the Web site. These are frequent lures in phishing scams designed to make you visit sites that will infect your computer with malware or collect private information from you,” she said.

 ###

 


*Adobe Acrobat Reader is required to read PDF documents.