Categories
Technology

Make Safe Online Purchases

I don’t know about you, but my online ordering has recently had an uptick. I’m waiting for my groceries to be delivered as I type. It’s something I have never done before. It’s really quite amazing to realize how easily we used to run to the store for small items. Can you believe I ran out of pony tail holders? I mean, who does that? And my good, solid one is stuck in Massachusetts waiting for my return.

It’s a pet peeve of mine to have my hair in my face as I sleep so I needed a remedy. I ordered new ones online and found out there was an app for tracking the delivery so I downloaded it. To my horror, while logging into the app, I read the fine print:

Do you see that? They wanted access to my emails!!! Now I don’t know about you, but a lot of sensitive data goes to my emails. Airline confirmations, notes from family and friends, etc.

I deleted the app immediately

without setting up the account.

That very same day, a friend shared a screenshot of a communication online. I got permission to share it here:

If you can’t read that, it is a conversation where someone commented to a food provider:

Just a friendly heads-up, you shouldn’t be collecting credit card numbers this way. It’s not secure, people’s accounts could easily be compromised and you could have your own merchant accounts revoked.

The food provider responded with:

Hi. The form has to be downloaded to a computer and filled in. It is not an online fillable form.

The initial person ended with:

asking people to email it back to you is not secure. Credit card numbers should never be emailed, in any way. I work in tech. 🙂

As I read that, I realized that a lot of people are ordering online now. And not all of them work in tech support. How does one know what one does not know?

Clearly this shop owner thought they were doing the right thing for their customers. But what if they had installed the same app I almost installed? And what if they blindly accepted all the terms and conditions without really reading?

That would mean the app had access to emails, and now all customers are sending credit card information by email. Let me tell you this, my friends. It’s best to never send super-secure information by email.

Instead, when you shop online, look for sites with order forms on the site. When you do so, make sure a site is secure. There are two items to look for on that. In the web address bar, make sure there is a lock showing and that the web address starts with https — emphasis on the s there.

As Wikipedia describes it:

Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network, and is widely used on the Internet.[1][2] In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, its predecessor, Secure Sockets Layer (SSL). The protocol is therefore also often referred to as HTTP over TLS,[3] or HTTP over SSL.

https://en.wikipedia.org/wiki/HTTPS

Please be careful as you create orders, my friends. Just as we want to stay safe with our health, we also want to take steps to make sure our assets are as safe as possible.

If you are selling anything yourself, make sure you use ssl. If you have a site with WordPress.com, you have nothing to worry about. All WordPress.com sites have ssl by default.

Feel free to add other tips, tricks, and observations in the comments.

5 replies on “Make Safe Online Purchases”

Great post, Chrissie. I use Pay Pal when ordering instead of using a credit card. So sad that scammers will use a time like this to cheat people. Or anytime. Glad you posted a heads up!

That is very smart of you. I truly don’t think that store person was a scammer, and I think the app was probably just going through emails for tracking codes, but it can all still be so damaging if someone were to use it for bad.

Hi Chrissie, a very nice post on online shopping. I am sure this would prevent many others from falling a prey to such apps. This is the reason that I use two email accounts. I use one email id religiously for all my bank activities and I make sure that I never allow apps to access this account at any cost. In case, I would ever need to allow an app to access my account, I would use the other email account for that. Besides,using PayPal or other payments wallets is much safer.

That’s a really good idea. I hadn’t thought of having a separate email for that. Thanks for posting!

Leave a Reply