How to stay safe when shopping online

See guide sections

In this guide

Research the website and seller

Found an unbelievable deal on a much-coveted product but don’t recognise the website selling it? A little research about the vendor may protect you from losing your money or being sent a counterfeit product.

If you’re using a website for the first time, search its name online and see if any negative reviews appear. You can also use sites like TrustPilot to search for reviews. 

Research where the vendor is based and dispatching its products from. Some vendors may claim to be based in the UK but are actually located overseas, meaning in some cases you could be waiting weeks for the products to arrive.

Make sure the products you’re buying are authentic

If you’re buying an expensive item, such as electronics or designer clothing, check the manufacturer’s website to ensure you’re buying from an authorised distributor or seller. This will reduce your chances of receiving counterfeits.

Check the vendor’s returns policy

If the product doesn’t live up to your expectations, can you return it? You should be suspicious of any vendor that doesn’t allow you to send products back. Even if the retailer is legitimate, you want to be able to get your money back if the product is faulty or not suitable.

Use credit cards or online payment systems for purchases

Credit cards are the safest way to pay for things online. Under section 75 of the Consumer Credit Act, for any transactions between £100 and £30,000 made on your credit card, the credit card provider is jointly responsible with the seller for any breach of contract or misrepresentation by the retailer. 

This means you can be refunded by your credit card provider if;

• You don’t receive the items you ordered
• The items are faulty or damaged and the vendor isn’t issuing you a refund or replacement
• A retailer goes into administration before providing what you’ve paid for

If you don’t have a credit card, consider using an e-money service like PayPal. This allows you to pay for goods without submitting your bank details. These services often have some protection for purchases, although not to the extent of credit card providers.

Make sure the website is secure

You should only enter your card details into secure websites. To identify a secure website, look for the following things:

• A padlock symbol in the address bar next to the website address
• A website address starting with https://. The S stands for secure
• A green address bar—this is how some browsers identify secure sites
• A valid certificate. If you click on the padlock symbol or just to the left of the address bar, you can see the site’s certificate, which provides information about who has registered the site and any warnings associated with it

Don’t use public WiFi to complete online transactions

It’s tempting to hop onto public WiFi when you’re out and about to avoid using data from your mobile phone allowance. But you should never complete transactions, enter personal details or log into your internet banking while using public WiFi networks. Any information you send over these insecure networks may be accessed by criminals.

Almost all broadband providers have built-in internet security measures as well as secure hosting, so use your home internet connection to complete purchases where possible. 

If you're unsure of the level of security your current provider offers, or you want to switch to one that offers more protection, check out our page on which broadband provider has the best online security.

Use two-factor authentication

Many banks and building societies are now requiring customers to verify it’s them when making any online purchases via two-factor authentication.

This may entail you entering a one-time code sent by text message to the phone number registered to the account, answering a security question, logging in to your mobile banking app or scanning your fingerprint with your device.