Shopping and paying safely online

Before making purchases from unfamiliar online retailers, take steps to verify their authenticity. Utilize consumer review websites or seek recommendations from trustworthy sources.

Be cautious of unsolicited communications, such as emails or text messages (commonly referred to as phishing messages) that might link to imitation shops with attractive offers. Fraudsters can easily imitate the appearance of genuine websites, incorporating familiar logos and trademarks. They may also use deceptive domain names that resemble legitimate ones.

If you encounter an unfamiliar link, avoid clicking on it. Instead, consider these alternatives:

• Directly type the official URL of the retailer into your browser’s address bar.
• Perform a search for the store and carefully review the search results rather than solely relying on the top results.

• Whenever possible, use a credit card for online transactions. Many credit cards offer protection for online purchases as per the Consumer Credit Act.
• Debit cards offer limited protection; however, you might be eligible for a refund through a process known as ‘chargeback’.
• If you utilize payment services such as PayPal, Apple Pay, or Google Pay, review their terms and conditions to understand the protections they offer.
• Never engage in direct bank transfer payments.

During checkout, only enter essential information clearly marked with an asterisk. If you do not plan to shop frequently at a particular store, avoid creating an account:

• Look for a ‘check out as a guest’ option, which allows you to complete your purchase without account registration.
• Online payment platforms like PayPal, Apple Pay, or Google Pay generally do not require account creation.
• Do not allow your browser to remember your payment details if prompted.
• If you choose to create an account, refrain from allowing the retailer to save your banking information for future transactions.

Ensure that your shopping, banking, and payment accounts are safeguarded by robust passwords that are unique to each account. Reusing passwords can allow criminals to breach multiple accounts if they obtain a single password.

It’s essential that all of your significant online accounts, including email and social media, have unique strong passwords. The NCSC infographic provides guidance on creating and securely storing strong passwords to minimize the risk of forgetting them.

Additionally, enable 2-step verification (2SV) on all critical accounts. This adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, thus reducing the risk of unauthorized access even if your password is compromised.

Cybercriminals often embed malicious links in text messages, emails, and social media content. Detecting these can be challenging, and they frequently promote unbelievable deals that redirect you to counterfeit websites resembling authentic online stores.

These fraudulent sites are designed to deceive users into providing payment information or personal data.

If an email, text, website, or social media post appears suspicious, adhere to the NCSC guidelines for handling suspicious communications:

• If you receive an unexplained email, forward it to the Suspicious Email Reporting Service (SERS) at report@phishing.gov.uk.
• For a questionable text message, forwarding it to 7726 allows your provider to investigate without any cost to you.
• If you believe you visited a scam website, report it to the NCSC for potential investigation.
• Should you see a suspicious online advertisement, report it via the Advertising Standards Authority (ASA), enabling them to act against fraudulent ads.

If you have fallen victim to a scam payment, immediately notify your bank and report the incident to Action Fraud (for England, Wales, and Northern Ireland) or Police Scotland (for Scotland).

If you suspect your credit or debit card has been compromised, alert your bank promptly to prevent unauthorized use.

If an ordered item fails to arrive or does not match its description, Citizens Advice offers helpful guidance for obtaining refunds for payments made via credit or debit cards or PayPal.

• Stop! Think Fraud is the UK government’s campaign against fraud, offering comprehensive advice on safeguarding against various types of fraud, including online fraud.
• Which? provides advice on identifying fake reviews that can help you spot dubious online retailers.
• The team at Money Saving Expert has compiled advice on avoiding online scams.