6 cyber tips your employees need to know when shopping online

Authored by Paul Holland.
3 min read
A women on her mobile phone and laptop
Paul Holland, IT Security industry expert, shares some online shopping best practice tips so your employees don’t compromise your business’s cyber security.

Aside from the perils of buying clothes that don’t fit or not properly checking return policies, shopping online comes with its darker pitfalls. Research from cyber security firm Norton found that 17 million Britons were victims of cybercrime last year and phishing scams – where criminals impersonate trusted brands and sources to obtain sensitive information – are a big part of this.

Follow our safe cyber shopping tips

To help make sure your employees don’t become a cybercrime statistic when shopping online here are our tips to keep your business safe.

1. Stop and think

Before clicking on any link sent to you in a promotional email for example – does the offer seem too good to be true? An iPhoneXs for £300? Take a moment to think how realistic the offer is.

2. Does the website you are buying from seem genuine?

Hackers will misspell website domain names or use similar ones like eaby.co.uk or amazonic.co.uk. They’ll even use different but similar characters such as ‘đ’ instead of ‘d’ which can be easy to miss. Again, take a moment to check the site address.

3. Secure URL

website example

Any page requesting you to enter details should use ‘https://’ in its web address bar and show a valid certificate (shown by the closed padlock and green highlighted bar).

4. Bad spelling and hard selling

In any emails you receive from retailers, look out for bad grammar and spelling. And if an email is trying to pressure you into a sale – ‘Last remaining items in stock! 5 minutes remaining before sale ends!’ – be very suspicious.

5. Watch out for dodgy links

Links in a fraudulent email or on a website will be made to look like they are from a legitimate company but will actually send you to a carefully disguised web page. Hover your mouse over the link which will normally highlight the real link to you. If it does not match the company name or the link it says it is, do not click on it. If you’re not sure, enter the address of the website manually rather than following a link.

6. Use your credit card

You have more protection if you shop online using your credit card and are defrauded than if you use your debit card.

7. Fallen victim?

If you do find yourself the victim of an online scam, contact the retailer you thought you were buying from to make them aware. You might have accidentally revealed your genuine account details to the fraudster and the retailer will need to change your account.

Advise your bank and credit card providers if you think you have revealed your bank details and change your password on the account that’s been compromised – if you use the same details for other online accounts , you will also need to change those passwords. Also, if you think you might have exposed your company’s IT system to malware when clicking on a link, let your IT provider know straight away, and/or check your virus protection is up to date.

Taking some simple precautions should help keep your business cyber secure, but remember the old adage, if an online offer seems too good to be true, then it probably is.

There are many further sources of advice online including:

Get Safe Online (external link)

Staying Safe When you Shop or Bank Online (external link)

Avoiding phishing attacks (external link)

Find out more about Hiscox cyber and data risks insurance.

At Hiscox, we want to help your small business thrive. Our blog has many articles you may find relevant and useful as your business grows. But these articles aren’t professional advice. So, to find out more on a subject we cover here, please seek professional assistance.

Paul Holland

Paul Holland is an IT Security Leader industry expert with over 15 years of experience, focusing on awareness as a key security factor.