In the past, when buying online, the advice was to check a website for the padlock symbol appearing in your browser to verify that the communication is secure and encrypted. Whilst this still applies, a check on this alone is no longer suffice and, before typing your credit card details into a website, there are a number of additional checks we recommend:
- Did you arrive at the retailer by clicking a link (either in an email or another website)? If so, you may have been directed to a ‘spoof’ website masquerading as a legitimate retailer. It is always best to type in the known website address directly into your browser or go through a reputable search engine.
- Check the URL is correct. The oldest trick in the book is to register a similar domain name and stick up a fake shop front up, e.g. ebuy.com instead of ebay.com. Also check that the URL is relevant to the product you are buying and avoid domain names ending in .net or .org since they are not generally used by retailers.
- Take a good look. Click through the website and read through a few pages (‘about us’ etc.). If it looks sloppy, has broken links, spelling mistakes and/or poor grammar then it is likely to be fake. Also check the terms and conditions and returns policy.
- Don’t trust a trust badge. It’s easy for scammers to rip off badges such as Trustpilot or fake their own in an attempt to appear legitimate.
- Check reviews on reputable review sites such as Trustpilot or Feefo. If you haven’t purchased from a website before, check out what other people are saying about them. You may run a mile when you do!
- Check the website contact details. Under UK (and many other countries) consumer law states that the “full geographic address” must be provided on the website. Check that the trading address is legitimate – is it on Google maps? Do they appear in Google Street View and are they trading from a business address and location you are confident to buy from? Also check for a working phone number and customer service email address that corresponds with the website domain. A trader with no contact details may have something to hide. More info on what the law states should be listed can be found here.
- If in doubt, and if they are UK Limited company, check with Companies House (https://www.gov.uk/get-information-about-a-company) that they are listed, have the correct company number/address displayed on their website and their trading status is ‘Active’.
- Always pay by credit card. If it turns out to be fraudulent you will usually have protection and a right to a refund via the credit card company. NEVER pay by bank transfer. Also check that you are not being redirected to a 3rd party website for payment that you have not heard of or, has an unusual URL or page content. After you have purchased, look for an email confirmation and check that it looks legitimate.
- Don’t use a public WiFi connection (e.g. cafe, airport) to make an online purchase since your communication may be intercepted by a hacker. This rule also applies for other sensitive online activity such as checking your bank account.
- Finally, be suspicious of low prices and discounts. Again, this is an old trick and, the old adage still applies – if it sounds too good to be true…
In summary, when buying online, take your time. Be thorough, vigilant and suspicious – turn detective and don’t rely on just one check before typing in your details. This is especially important if you have received an offer by email (or clicked an online ad) and when buying from with a retailer/website you have not dealt with before.