In this New Year season, there might be a lot of discounts and promotions available when shopping online, and you may be planning to buy something for your house, a gift or even a gaming headset for the upcoming gaming tournament.

No matter what you buy or which online store you surf, you must be strictly aware of what perils and risks you might have to face and also about the steps which must take place before and while shopping online, in order to stay safe online.

Having an idea about the storms and cyclones while shopping online is essential to making your shopping experience safer.

Just think, what would happen when you browse an online store and enter all your credit card details without knowing that it is a phishing site?

Daily, millions and billions of dollars are stolen through various ways. Right now while you are reading this, someone might be trying to get access your bank account, or someone might have already hacked it.

There are many ways to protect yourself from these kinds of dangers, and through this guide, we will show you how to be safe on the internet, step by step.

If you follow these simple steps correctly, we can guarantee you, that you will be the safest online shopper in the entire planet.

stay safe online shopping guide

Embed this “how to stay safe online” infographic on your Website

Tip #1: Shop at familiar shopping sites to Avoid Scams

shopping mall

There are thousands of online stores where you can buy stuff and yes, some of them have those mind-blowing things which you have never seen before.

However, before even trying to visit those sites, make sure that the website is secure. You might have seen many advertisements on Facebook and Instagram about free products where you have to pay only the shipping fees.

However, those are the types of websites that you should look out for.

It is always better if you use the marketplaces which you have already been using.

We suggest you to use trusted sites such as Amazon, Walmart, and Target, because these online stores have almost every product at the lowest prices.

How to see if a site is safe?

If you still want to check a new website, whether it is safe or not, then yes, of course, these are the few steps you can follow to confirm that they are not fake sites.

  1. Search Google

First of all, search that particular website in Google or whatever search engine you use and check if it exists.

search shopping site on google

If a site is not indexed in search engines, that either means the website is new, or it is not a secure site.

If you find it on a search engine like Google, then check for more information such as its location and customer reviews.

However, if you cannot find a shopping site on a search engine, then don’t even bother going back to that site.

  1. Check Contact Information

The second step is to check the phone numbers or emails of the company and try contacting them.

Check Contact Infomation v2

Most of them do not have 24/7 support centers, so make sure you contact them on a business time.

If the numbers or emails are working, there is no reason to worry about.

However, if any of their contact methods are no longer working, then immediately leave that site because you cannot trust any online seller who cannot maintain a proper communication medium.

  1. Check for T&C

A clear sign of fake online shopping sites is not having a refund policy listed because they intend to sell counterfeit or crummy products.

refund policy - namecheap

Similarly, look for the terms and conditions of the services because almost all the reputed online marketplaces have their terms and conditions of the services listed on their websites.

Terns of use- Walmart

Just scroll down the page and find whether the terms and conditions of the services are available and be cautious of any broken links.

So, if they are unavailable or broken, it is a scam site.

Furthermore, use websites which were recommended to you by a close friend or family, and if you come up with any trust issues with the particular site, then just stick with what is more familiar to you.

Tip #2: Always look for the lock (HTTPS)

look for https

It’s something we all know when it comes to shopping online, we obviously must use our debit or credit cards to make the payment.

That is the main reason why you should know how to choose the most trustworthy website out of the phony ones.

So let’s just break the ice and move on. There is one easy way for you to identify if a particular online shop is safe or vulnerable, by looking out for a TLS certificate. You might be wondering what’s an TLS certificate is.

What is a TLS Certificate?

A TLS certificate is a digital certificate that validates the connection to the server of a particular website and encrypts all the data transmitted to the server using 128-bit or 256-bit.

ssl of quint inventions

The URL of a TLS enabled website begins with HTTPS:// instead of HTTP://. (Here the letter “S” symbolize “Secure.” So if there’s no “S” then the site is not secure)

Also, an icon of a locked green padlock will appear at the left corner of the status bar if the website is secure.

Now if you are still confused about what precisely this TLS thing is, let me just make things easier for you.

What’s the difference?

The key differences between HTTPS and HTTP websites are how they move data from a browser to the server.

The TLS enabled websites, or the HTTPS websites encrypt all the data including sensitive data such as your:

  • phone numbers
  • credit card details
  • email addresses

prohibiting anyone from viewing or stealing your personal information.

This is one of the essential steps you must follow in order to survive inside this magical paradise which is so-called the internet.

So if you want to buy that Batman night lamp you saw on the Facebook ad, just go to that site and before doing anything, just check whether the site has a HTTPS connection.

That’s not all you got to do to stay safe online

However, just checking for Mr. HTTPS will not be sufficient enough, because there are way more serious things to be concerned about.

For instance, there can be fake websites with a similar domain name such as amaz00n.com instead of amazon.com.

Therefore, be extra cautious about the name of the website too, because these hackers are not here on the internet to practice a crime.

Hey! Just hold on right, because you are about to learn more about some internet safety tips, the best is yet to come!

Tip #3: Think twice before entering any personal information To Keep Your Identity Safe!

identity theft hacker stealing cards v2

First name: Done.

Second name: Done.

Address: Done.

Mother’s name… Wait!

Why the do you need my mother’s name to complete the payment?

Now, this is a serious problem!

There are weird online stores, where they ask you to fill a thousand-word biodata with all your personal information, and that is something you must not do.

Your full name, phone number and the home address is more than enough for any online store to deliver the goods, and if their requirements are way far than that, then it is a website that cannot be trusted.

What is Identity Theft?

Until now, even years after since online shopping has been found, people still provide all their personal information without a single bit of fear about their security.identity theft data

I know that one of the main reasons for this is because most of them are not aware and still uninformed about what is going on in the internet.

Do not give all your personal information to the merchant” because currently, identity theft is one of the top-rated cybercrimes in the world.

Let me show you what this identity theft exactly is.

Identity theft is a cybercrime where a particular person steals your personal data and pretends to be you.

After, they start to commit cybercrimes using your name.

If a website really needs some unnecessary detail like the date of birth, then alter it a little and give them a fake one because the website owner is not going to send you a surprise gift on your birthday.

Did you know?

A drug smuggler named Marcelo Nascimento da Rocha stole the identity of Henrique Constantino who was the brother of the CEO of Gol airlines and spent a life of opulence with all the money received to him in the name of Constantino.

Later Nascimento got arrested after sleeping with a woman who knew the actual Henrique Constantino.

Tip #4: Skip The Debit Card and Use a Credit Card for More Protection

credit card transaction

We all know that we can use either a credit or a debit card to do online shopping.

However, did you know what kinds of risks are concealed in the transactions related to debit cards?

Well, if you are in the middle of a choice, whether to use a debit or credit card to make the online purchase and what is more secure, we would like to tell that using credits cards are way more safe and advantageous than using a debit card.

The main reason why we advise you to complete the online transactions using a credit card is because, credit cards come with extra protection against possible frauds than that of debit cards.

And the other thing is that paying using a debit card is more like paying with cash on hand because it deduct the money directly from your available bank balance.

Also, there are many more reasons to why you should skip using your debit card while shopping online.

  • Zero-fraud liability

This zero-fraud liability can be exaggerated as an additional layer of security for your transactions.

Then again, this feature is only available for credit cards.credit card payment

Now, what zero-fraud liability means is, if someone steals your credit card and makes an online purchase, then there is a higher tendency that you will not be held liable even for a single dollar, if you report it within a small period of time.

Moreover, for the rest of the credit cards which do not have this feature, you will be held liable only up to $50 as long as you report it within 60 days.

  • Ease of disputing charges

Imagine what would happen if you order something online and a damaged product shows up?

What would be the solution if your order does not show up at all?

In those cases, also, the credit card comes to the rescue while the debit card stays speechless.

In such an instance, if there is an issue with your purchase, you can dispute a charge or withhold the payment, and sometimes there is a chance for the card issuer to take care of the investigation.

So, those are the benefits of using credit cards for your online purchases and hey, I almost forgot to tell you about PayPal.

For Maximum Security, Use PayPal

paypal home

Talking about how to stay safe online, how could we possibly pass by without talking about PayPal?

Using PayPal is simple. All you need to do is, to create a PayPal account (which is available in every single country) and link your credit card to it.

And when paying for something online, just chose PayPal as the payment method.

Then PayPal will take care of the rest of the process.

All you give to the website is the PayPal account, and not a single clue about the credit card, which makes your credit card details safe and secure.

How could someone possibly argue with the fact that PayPal is the safest way to do online transactions, when even Forbes put PayPal on their grown champions’ list?

So don’t forget to use PayPal on your next online shopping tour!

Did you know?

Phillip Cummings, an employee of a software company, traded customers’ credit card details to a Nigerian ID theft ring for just $30 each.

And guess what?

He sold those 30,000 times making $900,000 until he got busted.

Tip #5: Get Security for your computer

navy seals for your computer

No matter what approaches you take to stay safe online, if your computer is garbage, then it is a significant problem.

So taking care of your computer correctly and upgrading it with the best software is essential.

I’m pretty much sure that there are dozens of malware on your computer right now and you must clean them up.

  1. Use an anti-virus

use antivirus to protect your computer

The first solution for that is to download a good anti-virus software.

There is no particular software which is rated the “best” since all of them are the same unless you get a premium version which has additional features.

Besides if you can’t purchase a premium version, then don’t expect the anti-virus software to provide you 100% protection against threats forever.

However, the free versions will defense you up to a certain extent.

So, we looked around some excellent anti-virus software in the market and found that,

are reputed names in the industry.

Did You Know?

Windows comes with a built-in antivirus called windows defender, and it has all the functionalities of a top-rated virus guard.

All these anti-virus software products include an on-demand malware scan, on-access malware scan, malicious URL blocking, behavior-based detection, vulnerability scan and many other bonus features.

These software products are labeled at a price range from $20 to $50.

bouncer pickup

So, our opinion is that, the free version will suffice unless you have nuclear codes stored on your computer.

If you are looking for a reliable paid anti-virus software, then we would like to recommend you Bitdefender.

Moreover, if you are looking for a software which can be used on all your devices, then McAfee Plus is the best, because with a single subscription you can protect all your Windows, MacOS, Android and IOS devices.

Anti-Malware Softwares are good too..

Though you use a good anti-virus, still there are some spyware and malware which can pass through the ears of any anti-virus.

Installing software products, like Malwarebytes and Super Anti Spyware are even better as an additional layer of security for your computer, because they also do an excellent job at detecting malware and spyware.

However, for an average user, standard anti-virus software like what we mentioned before, are more than enough because they provide you all the essential protection needed for online shopping.

Talking about internet security, I think we missed something.

  1. Install a firewall

policeman controlling traffic

Do you know what Firewall is and how it works?

What happens in the Firewall is simple.

A firewall is a software that tracks the condition of your network traffic and decides whether to allow or block unwanted and unauthorized connections which reaches your computer through the internet.

This allows you to check what your computer and the applications does on the internet.

You can use either the Windows Firewall or install a better personal Firewall instead.

Some anti-virus products features a firewall in their package while some don’t.

But if you decide to get a stand alone firewall instead of a antivirus these are the best firewalls available in the market:

Install one of these, to maximize your protection against online threats.

ZoneAlarm can be defined as the best network monitoring tool for over a decade. They provided many features in their free version.colonial soldier

On the other hand, if a paid version, then Zone alarm is still the best.

Moving to Comodo, overall, it is a good firewall, which provides many features for their free versions making it the best for anyone who seeks for a free firewall software.

Well, both ZoneAlarm and Comodo have been serving for years, but this GlassWire entered the field a few years ago.

This new kid also has some new features that is worth a try!

In the next step, we will show you how to set Einstein-level passwords for all your accounts, which are also easy to remember.

Tip #6: Strong passwords are your first line of defense

secure password for online shopping safety

Now, this is the most mainstream topic when it comes to online safety, because every single blog and website talks about this.

Nevertheless, today we will teach you what exactly “Use a strong password” thing is and how to do it.

An average person spends approximately more than 7 hours a day on the internet either wasting time or doing something important.

Whatever you do, you will be doing that by logging into a certain account, and maybe you have more than ten different accounts for different purposes.

Also, keeping all those passwords in mind is not so easy and that is why you use simple passwords.

Now before breaking into the topic, let me tell you why you need to have a strong and unique password and how things could get out of hand if you have a simple password.

According to the 2016 Data Breach Investigations Report, Verizon confirmed that 63% of data breaches were as a result of weak or stolen passwords.

Now when a hacker steals your credentials, they try to access your other accounts with the same password or altering it.

This tactic is surprisingly successful since people use the same password over and over again.

Moreover, there was this research done by Ofcom which shows how hard people want their online accounts to get hacked.

They held a poll of 1805 adults from age 16 upwards and what they discovered was shocking.

statistics-weak-passwords

Out of that 1805 people, 55% of them use the same password for all their websites and accounts.

It did not stop there, 26% of the rest had said that they use indelible passwords such as a name of a person or a birth date.

You must’ve seen this topic in many other guides and maybe you have read all those and now you feel like an expert.

Today, I sprinkled some honey onto the topic and made it even more interesting for you to read.

After studying the method that I am going to teach you, you will be able to create strong passwords every time with ease.

This is an easy thing, and if all the people in the world start using these kinds of un-crack able passwords, the hackers will have to find a new livelihood.

How to create a strong password

For a password to be considered a strong one, it must have at least 12 characters, and must also contain numbers and at least one special character.

    • To get started, you must choose some phrase which is long enough to meet our minimum number of characters.

For example, I will choose “hotdogs are life”.

    • Now the first step is to merge these words, which makes my password (hotdogsarelife).

how to set up a strong password

      • After merging them, replace some letters with numbers.

    I replaced the two Os with 0, E with 3 and L with 1.

add numbers to your password

So now my password looks like (h0td0gsar31ife).

    • Now it is the time for the symbols to play their role.

add symbols to your password

  • For my password, I replace the H in dogs with “#” and then capitalize some letters.

capitalize some letters to make your password stronger

I capitalized the G, A, and I. Now I have (#0td0GsAr31Ife).

intital strong password

Yes finally!

Now it literally looks like a missile launch code, which is hard for anyone to read, but is easy to remember.

Now isn’t that what we wanted?

How to create unique passwords everytime?

The next big question is how to remember about ten of these kinds of passwords?

Taking a Ph.D. is easier than that, and that is why I brought you this easy method.

This method is pretty easy because we use the exact password by altering it a bit.

For instance, just assume you’re setting the password for a new Gmail account.

If you remember the password you made up, then all you need to do is to take the first three letters of Gmail which is “gma” and sprinkle those letters in your password.

For me, I chose to place them at the beginning of every word like this (g#0td0GsmAr3a1Ife).

sample password for gmail

If I make a twitter password, it will be like (t#0td0GswAr3i1Ife).

sample password for twitter

So these two passwords I settled for Gmail, and Twitter differs from one another making it hard for someone to exploit if he or she comes across with one of these passwords

Right now you have one of the strongest passwords in the world.

However, something makes me feel like you are still insecure.

AH HA! Did you give your password to someone?

Now for the first and last time I warn you,

Do not give your password to anyone!

When I mean anyone it includes your girlfriend or boyfriend too.

I mean why go through this whole process of making the world’s most secure password if you want to walk around and share it with others?

Did you know?

123456 and qwerty was the most commonly used passwords in 2017.

Try using a password manager if you have trouble remembering passwords

A password manager is an excellent way to secure your online presence if you are unable to create strong passwords and remember them.

They remember your passwords on behalf of you, and also help you to generate unique, stronger passwords for your online accounts.

Here are some excellent password managers that you can use:

Tip #7: Be extra cautious when shopping on mobile

think twice on mobiles to stay safe online

So as we all know, a smartphone provides ease for us to do our online shopping while lying on bed or watching TV.

The National Retail Federation states that 71% of the tablet owners and 53 percent of smartphone users, use their devices to shop in this festival season.

And if you are searching for the best deals on the internet with your phone, then there are some facts which you must be vigilant about.

  1. Mobile Malware

Since, mobile phones are starting to become the most popular way of accessing the internet, there is a clear sight of cybercrime moving in that direction, lately.

Malware is malicious software designed targeting mobile devices which can disrupt or damage your device.

A lot of malware is created to disable your device from allowing any malicious user to remotely take control of your device or to steal personal data stored on your device.

According to Nokia’s Mobile Threat Intelligence Report, during the second half of  2016, the infections on smartphones have been increased to 83% in which Android devices were the most often target.

At the beginning of 2016, Nokia had about 600,000 samples of malware in their database which later increased to 12 million by the end of the year.

Furthermore, The Pulse Secure 2015 Mobile Threat Report states that approximately 97% of mobile malware are designed for Android Devices.

Also, U.S Department of Homeland Security estimated that 0.7 percent of mobile malware is written for IOS.

  1. Fake promotions

This is one of the most common ways scammers get access to your personal information.

What happens here is that these cybercriminals trick you with a fake promotion or a free giveaway and make you fill out a survey with your personal information.

phishing on mobile v2

For instance, recently there had been an advertisement about giving away two free airline tickets but required the applicants to fill out several surveys with their personal information.

  1. Malicious mobile applications

These are fake mobile apps designed to steal data from smartphones.

These kinds of phony apps are mostly offered for free and usually pose as games or fun applications.

A new Android Trojan malware has been discovered in Google play which has been masquerading as multiple apps: a QR scanner app, an alarm clock app, a file explorer app and a compass app.

So those were some mobile phone targeted threats you should be aware of and now let’s move on to the topic of how to stay safe from these kinds of perils.

How to be safe from Mobile Malware

Below are some such ways:

  • Do not install apps from any third-party app stores. Download apps only from the legitimate app stores or a trusted APK Downloader.
  • Avoid granting apps permission to access your GPS location
  • Be extra cautious about the emails you receive.
  • Do not click any ads on a website because viruses can enter to your device even by viewing it.
  • Do not trust any promotions on social media.
  • If you receive a message saying that you have won a gift and if it asks for your bank details or home addresses, never send them the information unless you are 100% sure who they are.

But if you really want to see what it is, do not give any personal information to them.

Tip #8: Avoid shopping on public terminals To Prevent Data Theft

public terminal threats

Who would not love some free Wi-Fi?

While many out there are arguing about whether using public terminals are okay or not, we brought a straightforward answer here.

It is simple; do not use public Wi-Fi or public computers for your online shopping or banking.

Fortunately, most of you know why, but if you don’t, then let me explain it to you.

Using a public Wi-Fi network or a public computer for online shopping or banking is literally like giving a goodbye kiss to the money in your bank account.

How to be safe when using a public computer

To begin with, I’ll give you some general safety tips which you should follow when using public computers.

The first risk is that most people forget to log out from their accounts after using a public computer.

public computer dangers

That buys a free ticket for the scammers to steal your data or access to your browsing history.

  • So make sure to logout from all your accounts and clear the browsing history after every time you use an internet café for your work.
  • The next thing is that you must avoid doing financial transactions using public computers that could expose valuable passwords or personal data such as credit card numbers.
  • Always use a trusted web-based spyware detection tool whenever possible to scan for spyware before using a suspicious public computer.
  • And the final advice is to be careful of who is watching you.
Did you know?

One day a Californian couple named Lara Love and David Jackson began tapping into a neighbor’s Wi-Fi network. This paved them the way to steal their neighbors’ personal data.

Thirty victims were affected by the time these two got arrested.

Is Public WiFi Dangerous?

Many things can go wrong when using an open network.

When connected to an open Wi-Fi network, your unencrypted network traffic is apparently visible to everyone who is using it.

They can see the unencrypted websites you visit, what you’re typing in unencrypted sites and even they can see the unencrypted sites you’re connected to.

wifi webpage load

Tools like Firesheep and Wireshark allows people on public Wi-Fi networks to snoop on others’ browsing sessions and seize them.

Another risk of using public Wi-Fi networks is malicious hotspots.

When you connect a public Wi-Fi network, you cannot be sure if it is a legitimate network or if it is something set up by an attacker.

Theories say that it is still safe to login to your bank’s website in such cases because the encryption ensures that no one can watch you while connected to the bank’s website.

However, our opinion is that, it’s not safe at all, because tools like sslstrip and KRACK can transparently hijack HTTP connections.

So, when a site redirects to HTTPS, these tools will force your browser to use HTTP, making all your data transfers ready to the attacker.

How to Be Safe On Public WiFi

So we have few tips for you to stay safe from such threats.

  • Avoid using open Wi-Fi networks as much as possible
  • Select the public network option on windows when connecting to an open Wi-Fi network
  • Install a good firewall
  • If you are a frequent public Wi-Fi user, then get a VPN connection

Tip #9: Learn to identify a phishing scam

avoid phishing to stay safe while shopping online

Phishing is a type of social engineering which lures or tricks a receiver to click a URL or attachment to fill their personal information in it, and when they do, all the data will be recorded in the servers of the hackers.

Phishing has been the best way to steal data for over a decade, and surprisingly it still works.

The Data Breach Investigation Report states that 9,567 phishing incidents were reported in 2015 where the targets opened 30 percent of those phishing messages.

There are hundreds of different phishing scams, and today we will show you the five most common phishing attacks which you might be a victim of and how to protect against them.

  1. Deceptive Phishing

This is the type of phishing where the attackers impersonate a legitimate website and attempt to steal your personal data.

hacker getting sensitive information

For example, PayPal scammers might send you an email asking you to log in and change something in your PayPal account.

However, if you click the link, the site you visit is a fake PayPal website which looks exactly like the original one.

Deceptive phishing aims to deceive you into giving the details they need to access your social media account or bank account.

To avoid these kinds of phishing, be cautious of requests asking for information or personal data that the correspondent should already have.

  1. Spear Phishing

Spear phishing is similar to deceptive phishing, but the only difference is that in spear phishing the fraudsters modify their attack email with their target’s phone number, name, company, and position which tricks the receiver to believe that he/she has a connection with the sender.

The objective of spear phishing is to steal your banking details or other valuable data.

Look out for typos, ultimatums or alarming threats in order to be safe.

  1. Pharming

black hat hacker cookie hijackingPharming is a method of phishing which stems from DNS (Domain Name System) cache poisoning.

So, here the phishers hijack the domain name of an original website and use it to redirect visitors to a phony site. The objective of Pharming is to intercept and filch online payments.

Always check if the URL of any website requesting for information is genuine and look for the TLS certificate to avoid this scam.

  1. Dropbox Phishing

What happens in Dropbox phishing is that an email declared to receive from the Dropbox, requests the recipient to download a shared document or to click a certain link to secure their account.

The purpose is to install malware on the targeted computer.

Setting up two-step verification (2SV) such as a USB key can help you stay safe from these kinds of threats.

  1. Google Docs Phishing

Google Docs, Gmail and Android applications.

What happens here is that the victim receives a message inviting them to view a specific document on Google Docs and when they enter their login credentials, the information will be sent directly to the attacker.

These messages seem convincing since the landing page is on Google Drive itself.

Sift through such requests for any errors such as spelling mistakes or altered characters in the language selection box.

Also, implementing the two-step verification works on this too.

Identifying a phishing scam at first place is not easy.password credit card stealing

Even trained eyes might not identify them at once because there is no exact particular way to recognize the fake site from the real one.

In that case, all you need to do is, avoid clicking suspicious messages and stop visiting those websites.

No matter from whom you get it or the kind of urgent message it has, be extra attentive to what it is and what should be done.

However, if you still want to check if your accounts are in danger, then login to the actual website instead of clicking the link attached to the email.

Tip #10: Keep your browser armed at all times

keep your browsers updated

Your browser is literally similar to a missile.

You can either use it to defend yourself or to kill yourself.

A simple miss-click could cost you an arm and a leg but, if you configure it correctly, you can be the safest online shopper in the world.

The browser is your portal to the internet, and we can go only to the places it takes us to.

Now if the browser blocks you from visiting a specific site, then don’t visit that website because your browser does that for a reason.

Apart from that, there are a few other precautions that you should take into mind,

How to turn your browser into a fortress against malicious websites.

turn your browser into a fortress

  1. Update the browser

The first step of turning your browser into a defensive beast is to keep it up-to-date.

Nothing is more important than a new update for your browser.

So, update the browser whenever a new one is available.

  1. Install an ad blocker

Previously, I explained to you how clicking a fake ad can expose your valuable information.road block to block malicious ads online

So, the best solution to avoid these ads from displaying is to install an ad blocker which is available for free.

The purpose of installing an ad blocker is not only to block ads.

These ad blockers can also block certain types of malware on websites which can lure you into installing them or giving out your personal information.

So installing an ad blocker is unquestionably a must do for anyone who is concerned about their safety.

Free adblockers that you can install

These can be cited as some of the top ad blockers for Android.

These are the best for IOS.

These suit well for both Windows and macOS.

  1. Be observant about bogus warnings and alerts

Whenever a website shows a warning or an alert, always click NO or just ignore that message.

Because, clicking something that you do not intend to, could pave the way to install a hacking tool into your system without you even knowing.

Do not click anything suspicious unless you are fully conscious of what it is.

Tip #11: 2-factor authentication is must have

2 factor authentication v2

2FA or two-factor authentication is an additional security layer which is known as “multi-factor authentication” that requires not only a username or a password but also something unique that only the user has on them.

It means that you will need two factors to access any of your 2FA enabled accounts and if you lose one of the factors, you will not be able to access it, and the same thing goes for the hackers too.

Did You Know?

Your debit or credit card use 2-factor authentication.

Here’s how your every day using credit card uses 2FA to protect your money.

When you go to an ATM to withdraw money, you got to insert the card first; then you have to enter the PIN to withdraw money.

Sounds simple right?

Your pin number is the 2nd factor in the authentication.

Lose one of those factors; you cannot withdraw money.

How to Enable 2FA

These days the most commonly used 2FA is SMS verification which is also known as token less authentication.

You can enable 2FA on almost all the popular social networks by going to the “privacy and security” section.

Still has no idea how to do it?

All right, then I will show you how to enable 2FA on Facebook and Gmail.

Facebook

    • Log in to your Facebook account and move your cursor to the top right corner and click the “downward-facing arrow” to navigate to “settings.”

How to enable 2FA on Facebook ss1

    • Then click “security” on the left sidebar.

how to set up 2 factor authenitcation on facebook ss2

    • Scroll down to “Setting Up Extra Security” and click “Edit” on Use two-factor authentication.
    • Then click “Add Phone” and follow the on-screen instructions and verify your your phone.

Setting up 2FA on Facebook

    • Now come back and click “Set Up” next to “Two-factor authentication is off”.

2fa on facebook

  • Finally, Click the “Enable” Buttom. ( If you want to enable 2FA right away un-check “For the next seven days,…“)

enable 2fa on facebook

Gmail

  • Login to your Gmail account and click your profile photo in the right top corner and then click “My Account”.

setting up 2 factor authentication on gmail

  • From my account page, choose “sign-in and security”.

enable 2FA on Gmail

  • Under password and sign-in method, select “2-step-verification”.

how to enable 2FA On Gmail

  • At this phase, Google may request you to enter your password and login again.
  • Click “Get started” to set up 2FA.

2Fa on Gmail

  • Then enter your phone number. It has two options which are to either send you a text or make a call. Chose the preferred option and click try it.
  • Once you receive the text or the call, without the G—prefix, enter just only the numbers and then click next.
  • Now you’ll get a chance to review your 2-step verification method.
  • If everything looks good, click “Turn On”.

enable 2fa on google to stay safe online

Did You Know?

2FA via SMS is not the best anymore

Even though 2FA via SMS is our go-to choice, it might not be the most secure method.

In 2016 NIST (National Institute of Standards and Technology) stated that SMS is a poor way to deliver 2-factor authentication due to the risk that SMS messages may be intercepted or redirected by attackers.

So it is best to use an authenticator app or a hardware dongle instead of SMS.

But if you’re unable to use such methods, using 2FA via SMS is a good compromise compared to doing nothing.

Final Thoughts

So, as mentioned before, millions of shopaholic visit online shopping sites daily to grab a bargain.

However, sometimes those websites could be a home for hackers.

So, through this guide, we have brought you 11 ways on how to stay safe from these kinds of threats.

Additionally, we even briefly demonstrated what these threats are and how they work too.

Everything in A Nutshell

As a reminder, I would like to mention the key factors you must thoroughly keep in your mind.

  • Firstly, use familiar websites as much as possible for your shopping and always use your credit card or a safe payment method like PayPal when paying for a product.
  • Also, avoid using open Wi-Fi networks as much as possible and always make your computer is armed with all the necessary weapons to fight any malware or a virus.
  • Furthermore, follow exactly the steps we taught you to set an ultra-secure password and keep your browser up-to-date.
  • I hope that there is no necessity to mention again about the phishing scams that you must be aware of because we gave you a Ph.D. on that topic (Literally).

The Verizon’s 2017 Data Breach Investigation Report that is based on information from more than 42,000 security incidents, and about 2,000 breaches, clear up some facts about how cybercrime has increased within these years.

61% of the data breach victims in this year, are medium scaled organizations with less than 1,000 employees.

Furthermore, the report explains that 1 in 14 users was lured into clicking phishing links and 25% out of those had been deceived for more than once.

So, with all these perils and pitfalls all over the internet, it is risky to do your banking and shopping at will, without a clear knowledge about how to defend yourself from such threats.

If you follow all the steps we mentioned above correctly, then we can assure the fact that you do not need to worry anymore about being hacked.

The comment section is open to any doubts or ideas regarding the guide, and we hope that this guide was super useful to you.

Happy shopping, and stay safe!