Last night I fell asleep, phone in hand, screen aglow — in the middle of a Zappos shopping binge.
Luckily, my eyes shut before I hit the checkout process.
Turns out, it’s not just me.
Last year, nearly 40% of holiday shopping occured online, according to the Better Business Bureau. What’s more, 27% of those online sales were conducted with a mobile device.
Sure, you know how to stay safe while shopping online, but what about from your smartphone?
I spoke with Steve Weisman, professor at Bentley University and author of the fraud and identity theft blog Scamicide.
8 Ways to Stay Safe While Online Mobile Shopping
Shopping for the holidays on your phone is quick and convenient, but if you’re not being smart about it, you could get totally scrooged.
If someone gains access to your information, you’re prone to unauthorized purchases and identity theft.
“It’s not as bad as you think; it’s far worse,” Weisman says. “It’s not just a matter of someone accessing your credit card or bank account. They can make charges to your name, and it can affect your credit report.”
This can ruin your job, apartment, car or home search.
So take a few moments to be sure you’re shopping smart on your smartphone.
Take these quick tips into consideration.
1. Get some security software on your phone.
We all have it on our computers, but what about our phones?
To be honest, I’d never thought about this until Weisman suggested it. I asked him where I’d even find it.
“All of the companies that provide security software for your computer will do it for your smartphone,” he says.
He uses something called Malwarebytes. But just like anything else, shop around and find the best fit for you and your device.
And be sure to update it, for goodness sake, which leads me to…
2. Update your phone’s software.
I put those pesky phone updates off all the time. Really, who has time for that anyways? (Just kidding, I’m not that busy.)
But stop. Do it. Now.
Weisman says a recent iPhone update included “security patches,” fixing some security issues.
“If you don’t update these, these particular security flaws would allow someone to take over your phone,” he says.
Put it that way, and the update really doesn’t take that long…
3. Shop on a secure Wi-Fi network.
Say you’re sipping that sweet, sweet latte at Starbucks and thought of the perfect gift for your bookish friend.
Impulsive buys are great and all, but be sure you’re using a secure Wi-Fi network.
Even if the Wi-Fi name is something legit like “Starbucks Free Wi-Fi,” don’t immediately trust it.
“It may not be the Wi-Fi of Starbucks — instead it could be a phony one set up by someone sitting at a table nearby, and you’re giving all of your info to that person,” Weisman says.
Generally, when you go to connect to Wi-Fi, it’ll tell you it’s an insecure line, but your safest bet is to hold off. Wait until you get to work, back home or to a place where you trust the Wi-Fi.
(Sorry for picking on you Starbucks; I still like you.)
4. Shop on an encrypted site.
Yeah, I’ve heard that word — encrypted — before. Without getting too techy, it means your data is being concealed in a code so it can’t be accessed by unauthorized users.
Encryption is good.
To be sure you’re shopping on an encrypted site, check the URL. Does the beginning of it read “http://” or does it read “https://”? You want to see that “s,” which stands for secure.
If you don’t, abort all online shopping operations and find the legitimate, secure site. Like the security software mentioned above, there’s encryption software available, too.
5. Take note of your apps.
Many popular retailers have apps now. These are usually just fine to shop on, but be cautious.
The New York Times recently sent out warning flares: “Hundreds of fake retail and product apps have popped up in Apple’s App Store in recent weeks — just in time to deceive holiday shoppers.”
Some of the fake apps that masqueraded as legitimate retailers have included Dollar Tree, Foot Locker, Dillard’s, Nordstrom and even Zappos. (All of these retailers have real apps.)
The scary part? These were all downloaded from the Apple’s app store.
The Times urges consumers to keep an eye open for red flags — oftentimes obvious ones — such as words in broken/butchered English, no reviews in the app store and no history of previous versions of the app.
6. Be cautious of online coupons.
Ah, yes, my biggest weakness… purchasing something because it’s discounted.
However, I ought not to be so trusting of these suckers. Weisman says to never download a coupon or click on a coupon attachment in your email.
“Those can turn into malware if you’re downloading,” he says. (Malware is bad, FYI.)
Be careful: You also might get these via text messages or see some on social media.
The fix, though, is super easy. Any store offering a coupon or discount is likely advertising it on its homepage; it shouldn’t be super secretive.
Also take into account that these are usually simply codes you enter while checking out — no downloads required.
Another one of Weisman’s mottos? “Trust me, you can’t trust anyone.”
7. Pay with a credit card.
That is, if you can responsibly pay it off. But shopping with a credit card limits your personal liability if someone gets their nabby hands on your information.
There a nice piece of legislature called the Fair Credit Billing Act, which protects you. Under it, your liability for unauthorized purchases on your credit card maxes out at $50.
Even better: “If your credit card number is stolen, but not the card, you are not liable for unauthorized use,” the Federal Trade Commission reports.
On the other hand, you’re a little more susceptible to unwanted charges when using a debit card. It all depends on how quickly you catch the thief.
If it’s more than two business days, your loss could max out at $500. If it’s more than 60 business days, you might be accountable for any and everything.
8. Never save passwords or payment information.
Sure, saving your payment information is a lot easier than fishing out your credit card for each purchase, but that’s not a best (or safe) practice.
Just take those extra two minutes to type it all in each time. That way, if the site you’re shopping on is hacked, you should be OK.
Weisman says using third parties to pay — like PayPal — is often helpful, too.
And this probably goes without saying, but you also want to protect your phone with a good password, too — in case it’s lost or stolen.
What to Do If You Get Tangled in a Mobile Shopping Scam
Contact your bank or credit card company as soon as possible.
You’ll also want to file a police report, which sounds dramatic, but this might help if you have to dispute the charges at a later date.
Sure, the cops aren’t going to catch the hacker, but having that police report on file says, “Yes, this happened, and yes, I was being a responsible human being about it.”
You’ll also want to notify the Federal Trade Commission. There, you can file a consumer complaint or report identity theft — all from behind your screen.
Your Turn: Do you shop on your phone?
Carson Kohler (@CarsonKohler) is a junior writer at The Penny Hoarder. After recently completing graduate school, she focuses on saving money — and surviving the move back in with her parents.