Whether you go online to check your bank balance, pay a bill, give money, shop, or sell something, these six rules can help you keep the risks to a minimum.
Help protect your online transactions by using firewall, antivirus, and antispyware software. Encrypt your wireless connection at home. Keep all software (including your web browser) current with automatic updates. For more information, see How to boost your malware defense and protect your PC.
Strong passwords are easy for you to remember but difficult for others to guess. They are at least 14 characters long (the longer the password, the better) and include numbers, symbols, and upper- and lower-case letters. For more information, see Learn how to create strong passwords. If you already have a password in mind, check your password strength.
Keep passwords and PINs (personal identification numbers) secret. Do not share them in email, instant messages, or over the phone.
Use unique passwords for bank accounts and other important financial information. Avoid using the same password everywhere. If someone steals that password, all the information that the password protects is at risk.
Links in email messages, text messages, instant messages, and pop-up ads can take you to websites that look legitimate but are not. To visit websites, type the address yourself or use your own bookmark or favorite.
Before you enter sensitive data on a webpage, ensure that:
The site uses encryption, a security measure that helps protect your data as it traverses the Internet. Signs of encryption include a web address with https ("s" stands for secure) and a closed padlock beside it. (The lock might also be in the lower right corner of the window.)
You are at the correct website—for example, at your bank's site, not a fake one. If you are using Internet Explorer, one sign of trustworthiness is a green address bar like the one above.
The site contains signs that it is legitimate. For example, look for third-party seals of approval. Companies can put these seals on their sites if they abide by a set of rigorous standards such as how personal information can be used. Two seals to look for:
If you see the seals, click them to make sure they link to the organization that created them. Some unscrupulous merchants will put these logos on their websites without permission.
Never pay bills, bank, shop, or do other financial business on a public or shared computer or on devices such as laptops or mobile phones that are on public wireless networks. The security is unreliable.
To help protect yourself against fraud, watch out for scams. For example, be wary of deals that sound too good to be true, alerts from your "bank" that your account will be closed unless you take some immediate action, notices that you have won a lottery, or a refusal to meet in person for a local transaction.
Typically this kind of message, whether sent by computer or phone, is designed to entice you to visit a phony website where criminals collect your financial data. (If you doubt the message's authenticity, call the company.) Learn to spot phishing scams and defend against them.
Online shopping problem? First, ask the seller to make things right. If that doesn't work, contact the web service for help.
Report scams, fraud, identity theft, or other abuse:
To the web service, local police, and the bank, credit card company, or other financial institution.
For identity theft in the United States, to the U.S. Federal Trade Commission (FTC) or call toll free: (877) 438-4338.
For scams or fraud in the United States, to the FTC or call toll free: (877) 382-4357.
I want to...