Safe Shopping: 2020 Edition
Last year, I posted the below blog. After “Black Friday.” Whoops. This year, I thought it worth posting again – this time beforehand! – since my audience has grown dramatically (thank you so much! Seriously, I am so humbled!), but updated to reflect both advances in technology and the global pandemic where necessary. So without further adieu, the 2020 guide to safe holiday shopping!
With gift-giving season officially beginning in the United States (and at least a few other places, I presume), I figured this would be a great time to discuss safe shopping tactics. I don’t feel like this needs any sort of real introduction, it’s pretty self-explanatory, so let’s begin.
Pay with cash in person. There’s a large push for card usage in the US, and it has some personal finance benefits. Cards often come with cashback and purchase protection, and while the risk of skimming still exists, fintech (financial technology) security has come a long way. However, cards are still a privacy nightmare. Your shopping data will absolutely be sold by your bank to data brokers. As such, cash is king. But if you need some less-crazy, more practical reasons to use cash: if you’re buying a gift for someone who has access to your bank statements (significant other, parent, etc) it can help shield your purchases – both the site and the amount – and keep the gift a surprise. Furthermore, holiday spending and gift giving is often a source of debt in the new year, so using cash will help you stick to your budget. Personally I think racking up a boatload of new debt is a really crappy way to start the new year.
Of course, online shopping has long been popular, and even moreso this year. For online transactions, use pre-paid cards (such as the Vanilla card) or card-masking services like Privacy.com, Blur, MySudo, or ViaBuy (if you live in Europe) to avoid having your real information stolen. If a scammer steals your info, the effects could be as minimal as having to get a new card or as serious as draining your bank account, stealing your identity, or even stalking you. So I definitely encourage you to use a masking service of some kind. Be aware that Privacy.com and MySudo essentially function as banks in this scenario, so they will ask for some personal information that some people may not be comfortable with. Blur is a little less invasive, but you’re basically just creating digital pre-paid cards. Personally I’m a fan of Privacy.com for a lot of reasons, but this isn’t the time or place. Feel free to check out all of the solutions suggested and see if any of them are right for you.
Use HTTPS. HTTPS is a powerful and effective encryption method for data-in-transit (aka web traffic) that helps protect your sensitive information as it shoots across the web. The vast majority of the internet is now securely encrypted so you’re probably covered, but be vigilant anyways. Just this month I tried to order some food for takeout and the webmaster had accidentally let the certificate lapse, so they didn’t have HTTPS. Thanks to the browser plugin HTTPS Everywhere, I was alerted and avoiding sending my card information on a potentially unsecured website. This plugin will automatically ensure an HTTPS connection wherever it’s offered, regardless of search engine or browser settings, and alert you if one isn’t found so you can decide if you still want to use the site or not.
Use a PO Box. PO Boxes can serve tons of great purposes that you didn’t even know you needed. For starters, they start off inexpensive, in some places as little as $20/year. They can be handy because your packages don’t sit unguarded on your porch while you’re at work, they sit safely inside the building of your box. And of course, you don’t have to worry about some stranger on the internet snagging your home address, whether that’s the random person on Etsy, the rogue employee at Amazon, or the hacker who hopefully didn’t steal your information because you already implemented the above bullet points.
Don’t quit on December 26. The thing about these habits is that they’re great year-round, not just around the holidays. Shopping is something we do all the time, all year, and these strategies can be implemented there, too. You can pay cash at the grocery store. HTTPS can protect your Facebook login from a random hacker just as much as your card number. Online data breaches are quickly becoming a daily occurrence, so using card-masking can prevent your card number from getting permanently posted to the dark web (if you’re not worried about that, clearly you’ve never had the hassle of updating EVERY service you use after a card number changed for any reason). Even a PO Box can be a neat thing to have on hand if you rent and move in the same area frequently, if you need an address on file for work (again, data breaches), or freelance and need somewhere to send checks or a return address for merchandise you sell.
Take some time to think about which of these strategies can benefit you most. HTTPS is something that takes just a few minutes to set up and you never have to think about it again. A PO Box can be easily added into your routine by renting one nearby or on your way to/from work (if you have a concern about stalkers, you may want to consider getting one in a nearby town instead). Cash can be handy as well to help you stick to a budget. I hope these tips help keep you safer online this holiday season, and good luck finding that perfect gift!