How to stay safe when shopping online

Tips & tricks
16 mins

Is online shopping safe? Generally speaking, yes! Online shopping has become much safer in recent years with options for more secure payment gateways and fraud detection. 

According to recent statistics, there are currently 262 million online shoppers in the U.S. alone—which is roughly 80% of the population. The average American spends roughly 5,381 USD per person, per year on online shopping, with more than 55% of U.S. consumers saying that they prefer to shop online than in a store. 

This surge in online shopping was largely driven by the Covid-19 pandemic.  The desire for physical safety and the convenience of not having to venture out into the open acted as catalysts for more people to opt for the comfort of their own homes. However, this shift has been further propelled by recent rapid advancements in technology, including new mobile apps and a slew of delivery services, firmly establishing online shopping as the preferred mode for many.

Several other advantages of online shopping include:

  • Easier to find deals and discounts
  • Shopping in peace without being bothered by salespeople
  • Privacy for purchases on sensitive or discrete items
  • Easier to compare products across multiple stores or suppliers
  • Easier to send gifts to friends and family

Jump to…
Top 20 tips for safe online shopping
Risks of online shopping
Safest shopping websites
Fake shopping sites to avoid
How to tell if an online shopping site is legit
Shopping safely in store

Top 20 tips for safe online shopping

While online shopping is convenient, there is a drawback. Online shopping habits are often tracked or monitored. Fortunately, there are measures you can take to stay safe and anonymous. Check out our tips and stay vigilant while shopping this holiday season.

1. Stick to trusted retailers

Always make sure to research a website before making a purchase. Sticking to retailers that you’ve shopped with before is a great start. What if you’re shopping at an online store that’s new to you? Do some digging into their reputation through consumer reviews on Trustpilot, Yelp, and Google.

2. Check site security

Keep an eye out for SSL encryption on a retailer’s website. You can do that by checking if the website address starts with https (rather than http) and whether or not there’s a padlock icon to the left of the URL in the browser’s address bar.

It’s important to note that https encryption works whether or not you’re connected to the VPN. But, a VPN and https encryption paired together will keep you highly secure.

Read more: Why HTTPS vs. VPN makes no sense

3. Protect your personal information

Be extra careful about what information you provide on a website. If in doubt, give out the absolute bare minimum information required to make a purchase. Be cautious of unusual requests via email or phone calls asking you to verify information about your account. As a matter of safety, retailers will never ask you sensitive details about your account including your date of birth or passwords. 

4. Stay protected on public Wi-Fi

Making purchases on public Wi-Fi networks without a VPN increases the chance of your traffic being intercepted. If you don’t have a VPN, avoid online shopping in places like hotels, airports, public hotspots, buses, and cafes.

5. Create strong passwords

When creating online accounts, ensure that you use strong and unique passwords in addition to two-factor authentication. Make it as hard as possible for someone to access your account.

6. Use online payment services

Where available, use a secure payment gateway like PayPal, Stripe, or Venmo. Linking your credit card, rather than your debit card, to an online payment service also helps to provide an extra layer of defense to accessing your money.

7. Be wary of fraudulent deals

If you find a deal that’s too good to be true, it probably is. If a product is noticeably cheaper compared to other websites, there’s a high chance it’s a counterfeit. 

8. Monitor your statements

By enabling automatic payment notifications on your online banking or payment services, you can be notified as soon as a payment is made—genuine or not.   

9. Use a VPN

A VPN, or virtual private network, will route your online traffic through a secure tunnel. In addition to providing protection, downloading a VPN for online shopping can also potentially save you money. For example, prices on online stores and services can vary across locations. This is especially true on holidays like Black Friday and Cyber Monday.

On these high-stakes shopping days, retailers often employ dynamic pricing strategies, adjusting prices based on your location, browsing habits, and even the device you’re using. By using a VPN, you can circumvent these tactics, effectively changing your virtual location to take advantage of the best deals available, ensuring you get the most out of Black Friday and Cyber Monday sales.

10. Check if retailers accept credit cards

Credit cards are a reliable method for shopping online as they are backed by banks and financial institutions and are generally accepted by the vast majority of online retailers. It is one of the easiest payment methods to stop in the event of fraud.

11. Research online reviews

While there have been rising instances of fake reviews for online stores, it’s still recommended that you check out trusted review sites like Trustpilot. Keep an eye out for an inordinate amount of reviews with extremely similar or over-the-top language. 

12. Type the URL directly into the address bar

If you receive emails for online deals, visit the websites for those particular retailers by typing their URLs directly into your browser’s address bar instead of clicking on the links in the emails. This way, you can determine if the advertised deal is authentic and protect yourself from fake links.

13. Use a dedicated email address

Creating a separate email address just for online shopping can reduce the risk of spam. This also has the advantage of keeping all of your online shopping activities separate from your main email account. Alternatively, you could also use anonymous email forwarders to mask your main address.

14. Exercise caution when shopping from your phone

Where possible, opt for a retailer’s official app rather than making purchases from mobile browsers. Be extra careful with links from URL shortening services (like Bitly or Google URL Shortener) since their destinations are unknown.

15. Always log off after online shopping

Unless your device is exclusively used by you and you alone, take care to log out of all of your accounts once you’ve finished your online shopping. 

16. Install an antivirus or anti-malware software

Protect yourself against potential security risks to your online shopping activities by installing antivirus programs on your devices. Many reputable antivirus suites will have extensions and add-ons that you can also install on your browser.

17. Don’t be afraid to complain

If what you’ve ordered doesn’t match the retailer’s description, is damaged, or doesn’t even arrive, don’t be afraid to complain…hard. Complain to the website, the retailer, the reseller, or a state (or federal) oversight agency. You did, after all, pay for your order!

18. Use a virtual credit card

Virtual, or temporary, credit or debit cards are a great way to add an extra layer of security to your online transactions. Select credit card providers can issue temporary card numbers forked off your existing card. These can then be used for specific or one-off purchases.

19. Research physical addresses and phone numbers

Where possible, look for whether or not a business has verifiable addresses or phone numbers listed on its websites. An easy way to check whether an address is real is to research it on Google Maps. To be fair, it is worth noting that larger online platforms like Amazon also accommodate third-party resellers and any disputes that may arise will be handled by Amazon. 

20. Read the Terms and Conditions

Always remember to read the terms and conditions for anything that you buy online. For example, make sure that a retailer is legitimate before purchasing gift cards. This can help to ensure that your recipient can access and use the card without any unnecessary barriers.

Read more: How to get the best Black Friday and Cyber Monday deals

Risks of online shopping

In addition to the possibility of being tracked or monitored, online shopping also carries several risks that can catch unsuspecting shoppers. Identity theft is perhaps one of the most common issues with unsecure sites allowing for the interception and theft of your personal details.

Identity theft

This can involve anything from hackers stealing customer personal and payment information, to phishing emails designed to obtain your personal information. Once your details have been compromised, it will make impersonating you much easier online. Keep an eye on your statements and email notifications for any unusual purchases that may have been made in your name. 

Stolen data

If an online store is breached, personal and financial information for every customer could be compromised and sold online. This could possibly then lead to credit card theft or identity theft.

Fake apps

Take care to ensure that you use official apps developed by online retailers. To determine if an app is authentic, make sure you download it from a link provided on a retailer’s official website or check reviews on Google Play or on the Apple App Store.

Safest shopping websites 

The safest shopping websites are those that are well-known and have been in business for many years. They have established themselves as trusted online retailers with a track record of providing quality products and reliable service.

In addition to their reputable status, these websites prioritize the security of your personal and financial information. They employ secure payment processing methods, including https and PCI compliance, to ensure that your data is protected from unauthorized access.

Safe shopping platforms also maintain a robust privacy policy that clearly outlines how they collect and utilize your information. This transparency is crucial in building trust between the shopper and the website, as it demonstrates a commitment to safeguarding your privacy.

Here are a few examples of the safest shopping websites. 

Note: We’re not affiliated with any of these websites. We’re mentioning them based on their established reputation for safety in online shopping. It’s good practice to review a site’s privacy policy before using it for shopping to ensure it satisfies your privacy needs.


Amazon is a pioneer in online retailing and is known for its stringent security measures. They employ advanced encryption technologies, and robust firewalls, and continuously monitor transactions for suspicious activity. Additionally, Amazon’s A-to-Z Guarantee offers extra protection for purchases.


Walmart has invested heavily in ensuring a secure online shopping experience. They use SSL encryption to protect customer information during transactions. Walmart also provides multiple layers of authentication for account access, enhancing security.


eBay utilizes strong security protocols, including https, to encrypt data transmitted between users and their servers. Additionally, eBay’s buyer and seller protection policies provide added security for transactions conducted on their platform.


Target employs industry-standard encryption techniques to safeguard customer data. They also use secure payment gateways and follow best practices for securing online transactions.

Best Buy

Best Buy prioritizes customer security by using robust encryption protocols for online transactions. They also have measures in place to detect and prevent fraudulent activity.

Home Depot

Home Depot employs encryption and secure payment processing to protect customer data. They also have a dedicated team focused on monitoring and responding to security threats.


Costco uses secure sockets layer (SSL) technology to encrypt data during transactions. They also have strict security protocols in place to protect customer information.


Macy’s invests in robust security measures, including encryption and secure payment processing, to ensure the safety of customer information. They also have a dedicated team focused on cybersecurity.


Kohl’s prioritizes customer security by using encryption and secure payment processing methods. They also have measures in place to detect and respond to potential security threats.


Nordstrom employs advanced encryption techniques to protect customer information during transactions. They also have a strong focus on customer privacy and data protection.


Sephora utilizes strong security measures, including encryption and secure payment processing, to protect customer data. They also have a dedicated team focused on monitoring and responding to security threats.

Ulta Beauty

Ulta Beauty prioritizes customer security by using encryption and secure payment processing methods. They also have measures in place to detect and respond to potential security threats.

Fake shopping sites to avoid

There are currently hundreds of thousands of fake shopping sites online, disguising themselves as legitimate retailers to steal both your money and personal information. While they may look convincing at first glance, there are red flags that can help you identify and steer clear of these deceptive platforms. These include pixelated images, typos and bad grammar, amateur website design, and bargain-basement prices.

During holiday months, the prevalence of fake shopping sites tends to surge. Scammers exploit the festive shopping frenzy of Black Friday, Cyber Monday, and Festive Season to lure in unsuspecting customers with too-good-to-be-true deals on highly sought-after items. 

If you’re looking for a specific list of fake shopping sites or want to verify the legitimacy of a particular platform, there are reputable organizations and websites dedicated to tracking and exposing these scams. These include:

  • Federal Trade Commission (FTC): An independent agency of the U.S. government dedicated to protecting consumers and promoting competition. It provides a range of resources to help consumers identify and report scams, including fake shopping sites.
  • Better Business Bureau (BBB): A non-profit organization focused on advancing marketplace trust. It provides a platform for consumers to find and review businesses, as well as report scams or fraudulent activities. It also lists over 300,000 current online scams. 
  • Scamwatch: An initiative run by the Australian Competition and Consumer Commission (ACCC) that provides information to consumers and small businesses about how to recognize, avoid, and report scams. It offers a wealth of resources on various types of scams, including a list of fake shopping sites.
  • Trustpilot: A widely recognized online review platform that allows consumers to share their experiences and opinions about businesses. It operates on a global scale, providing a comprehensive overview of customer feedback across various industries. If you suspect a site is a scam, try to find it on Trustpilot to see what others say. 

How to report a fake shopping site

If you come across a fraudulent shopping site, it’s important to report it straight away. You can do so directly through Google, Microsoft, and, if you’re in the United States, the FTC or the FBI’s Internet Crime Complaint Center (IC3). Provide as much detail as possible regarding why you believe the site is fake, to aid in their investigation.

13 ways to tell if an online shopping site is legit

While a fake or scam website can be set up to look as legit as possible, most will not take the time and effort to mind all the details. Fraudsters are looking for easy money, after all. Overall, if a site purports to be a well-known brand but does not look professionally set up, go with your gut and avoid it. 

A genuine and legit site will have most, if not all, of the following signs:

  1. The URL checks out: Be vigilant for slight discrepancies in the website’s URL. Scam sites may imitate genuine addresses with small alterations or typos.
  2. Displays a padlock: A padlock symbol in the address bar signifies a secure connection (https), safeguarding your data:

  3. Showcases verified trust seals: Reputable third-party verifiers like Norton, McAfee, and Verisign vouch for the website’s security.
  4. Positive customer reviews: Genuine sites garner positive feedback, demonstrating a track record of satisfactory customer experiences. However, positive reviews can be faked, so be sure to read negative reviews too and judge for yourself.
  5. Transparent contact information: Legitimate sites usually display their physical address, phone number, and email, allowing easy access for customers.
  6. Realistic pricing: Authentic retailers have prices that align with market standards, avoiding overly discounted or suspiciously low offers—even during shopping holidays.
  7. Its domain age demonstrates longevity: Legitimate websites have a longer history, while hastily created ones that appear before popular shopping holidays may be suspicious. You can use tools like WHOIS to easily check the age of a website.
  8. High-quality imagery: Authentic sites invest in clear, high-resolution images, whereas scam sites often use low-quality, pixelated visuals.
  9. Proper grammar and spelling: Legitimate businesses prioritize error-free website copy, while scams usually have noticeable language mistakes.
  10. Professional website design: Authentic sites feature user-friendly, well-structured interfaces, contrasting with amateurish or overly simplistic designs commonly seen in fake shopping sites. 
  11. Functionality that works. If a site is full of errors, or there are buttons that are just an image and can’t be clicked on, it’s very likely to be a scam.
  12. Offers a well-defined returns policy: Reputable retailers have transparent and easily understandable return policies, ensuring a fair customer experience.
  13. Supports secure payment options: Genuine retailers offer reputable payment methods such as credit/debit cards, cash on delivery, and trusted payment platforms.
  14. Has a strong social media presence: Most authentic businesses maintain active and engaging social media profiles, showcasing their products, engaging with customers, and providing updates about promotions or events.

Shopping safely in store

If you prefer to stick to brick-and-mortar stores to do your shopping, here are some precautions you can take to stay safe:

Avoid ATMs

Take money out of your account beforehand if you’re shopping with cash, and make sure you have enough on you. ATMs in crowded shopping areas are a plum target for skimmers and other scams. Having said that, on uneventful days it’s best to use an ATM during the day with a few people around.  

Bluetooth beacons

Bluetooth beacons are Internet-of-Things devices that pair with smartphones and can monitor your movements and collect information on your shopping habits, proximity to products, and geolocation. This can be avoided by keeping your Bluetooth off or only paired to devices that you trust. Android devices also have a function that passively scans other devices to find your location. On Android 11, you can find this feature in the settings menu under Location > Improve accuracy.

Ultrasonic tracking 

Audio waves, unheard by most humans, can be picked up by smartphones and used to track you. Be wary about what apps you provide with microphone permissions, not only to deter ultrasonic tracking but also to ensure that your conversations aren’t being recorded nor mined for keywords.

Stay in contact

If you’re with company, try and stick together—or at least, make sure you know each other’s whereabouts. If you have children with you, make sure to keep them by your side at all times and let them know to immediately approach mall or security staff, or another parent, if they find themselves alone. It’s also handy to have your kids memorize your phone number, just in case.

Protect personal items

Keep bags, wallets, and purses secure. If you can swing it, get yourself an anti-theft backpack—preferably one with a zip that opens from the inside rather than outside. Take the absolute bare minimum items needed when shopping outside (we recommend privacy-conscious accessories like a Faraday Bag and an RFID-blocking wallet). Don’t leave your items unattended.

FAQ: Online shopping safety

What is the safest way to order online?
Why is it important to shop safely online?
What are the dangers of shopping online?
When shopping on the internet, what should I never do?
Phone protected by ExpressVPN.
Protect your online privacy and security

30-day money-back guarantee

Various devices protected.
Take the first step to protect yourself online. Try ExpressVPN risk-free.
What is a VPN?
Hi, you've reached Marcus. Dial '1' for privacy, '2' for point and click adventure games, and '3' for paranormal stories. For all other enquiries, please stay on the line and he'll be with you shortly.