Keep your wits about you while shopping online

Guest Blogger | Date: February 3, 2021 | 4 minute read


As the global Covid-19 pandemic causes shops to close and online retail to become the norm we learn some essentials tips to staying safe while shopping online from our Cyber Security Partner IASME, in the second of a fortnightly series of cyber blogs.


Don't be a victim to an online scam

The global pandemic of Covid 19 caused many shops to close and forced people to stay at home more than ever, socialising over Zoom and shopping online. In recent years, there has been an explosion in the growth of internet retailing, with more than half of all UK consumers now shopping online according to retail analysts, GlobalData. With the UK's online shopping spend forecast to grow 30% by 2024, a major factor is the increasing power and availability of mobile phones allowing people to shop whenever and wherever they happen to be.

Big business for criminals

It is not only sellers that have taken advantage of the growth of online retailing, but cyber criminals have too. Attacks have become more sophisticated, so shoppers need to be alert and cautious when looking for online bargains.

As a victim of cyber-crime, you might:

  • Find yourself on a fake website and pay for items that do not exist.
  • Have your payment card details stolen and fraudulent purchases made from it or have your bank account cleared out.
  • Have your personal details such as payment card, name, address, username and passwords stolen, and credit cards and loans taken out in your name.
  • Have your stolen username and passwords tried on all your other accounts to see if any anything else can be stolen. These details can be sold on to other cyber criminals.

Here are six essential tips to stay safe while shopping online.

Tip 1 - Check the website is secure

Hover your mouse over the web address in the address bar. You are looking for a closed padlock symbol in the address bar and ideally, the address will start with, https://. This means the connection to the website is secure and encrypted. Without an https, any data passed on the site can be intercepted by criminal third parties.


Do not even think of shopping on a website that does not have a padlock and the letters https://.

Tip 2 - Watch out for fake websites

If you are searching up brands and looking for best deals on the web, you can be taken to a fake website that is selling counterfeit goods or things that you will never ever get.

Firstly, check the web address, there may be slight differences such as instead of, it is .org . Are the words spelt correctly? Criminals actually buy up domain names that are very slightly different to recognised brands hoping to take advantage of people's typos. The pictures on the website might be slightly pixilated and other content seem odd or substandard, however, fake websites can be very professional, making it difficult to tell they are fake, but, if the deals are too good to be true, this is probably the case.

Tip 3 - Use a credit card for online shopping

If a fraudulent purchase is made on your credit card, there's a good chance your credit card provider will reimburse you straight away - a debit card does not have the same protection. Credit card accounts may also have anti-fraud measures in place that block large or unusual purchases or require additional authentication from your mobile phone. You can set up alerts on your credit card where you are contacted if a payment over a certain amount has been requested.

Tip 4 - Do not use public Wi-fi to go shopping

Unsecured Wi-fi like the one you might find in a coffee shop or train or hotel is not a safe environment to make transactions, or indeed, even to check your email or instant messages. Anyone within that network may be able to hack into your device and steal your valuable personal information.

Tip 5 - Beware of phishing emails and social media scams

There is a massive increase in scams, many of which start in a fraudulent email or a link on Facebook or Twitter. They may appear to come from a well-known retailer or favourite brand, or your bank or PayPal account, they might offer great deals or cash prizes or they might inform you that your account has been frozen and you need to take urgent action. These are all tricks to get you to click on a link or to take you to a fake website or ring a premium phone line. The fake authentication process that follows will allow your security information to be stolen.

Be aware of these very common scams and if anything feels a bit odd, or you feel stressed by high pressure tactics, delete immediately. Better still, never click on a link from an email or social media site unless you are 100% sure it is legitimate.

Tip 6 - Use strong passwords

If your password exists in the dictionary, it can be busted in seconds by the average cybercriminal who uses a computer to do the job. Instead, use three random words that you can remember with a mixture of upper and lower case and a few numbers and symbols.

It's very important to use a different password for every account that you have, this is because if one account is breached and your password discovered, criminals cannot break into all your other accounts.

To make your life a lot simpler, try using a password manager such as LastPass, Dashlane or Bitwarden to take care of all your passwords so you don't have to remember them. You can usually download one from their website for free.

As more of our information and activities go online, cyber security has become a necessary part of life that keeps us safe from crime. Just like learning anything new, it can be broken down into small steps and implemented in bite sized chunks. Businesses of all sizes are at particular risk of cyber-crime and would benefit from working towards Cyber Essentials which is a Government approved scheme. By implementing just five core controls that protect against most cyber-attacks, businesses can ensure they are on the right track as well as demonstrating to their customers and suppliers that they are serious about cyber security. Find out more about the Cyber Essentials scheme.


Thank you IASME team for the insight. This blog was published on Friday 29th January and is duplicated with permission from IASME. Original publication located at


  • Prevent being a victim of cyber crime by learning the basics.
  • Ensure you are using secure websites by looking for the pad lock and https:// at the beginning of the website address.
  • Look out for 'too good to be true' deals or 'I wasn't expecting that' moments.
  • Look out for 'phishing' emails which get you to click on a link even from your favourite online shopping store
  • Invest in a password manager to ensure you use strong password

IASME are a chosen partner of the National Cyber Security Centre (NCSC) and are responsible for Cyber Essentials Certification delivery in the UK. Learn more about IASME.

Concise Technologies are an IASME Certification Body that can assist you with delivering Cyber Essentials and Cyber Essentials Plus. Contact us today to learn how we can help with your certification.

Concise Technologies have written a blog about the differences between Cyber Essentials and Cyber Essentials Plus.

Download a free resource showing 12 Ways to Protect Your Business from Cyber Attack.

protect your business from cyber attack 12 ways infographic

Get in touch and discover how we can help make things easier.

Call us on 01606 336200, or fill in the form below.