5 Credit Card Safety Tips for Online Shopping

You can limit your exposure to credit card fraud by following five simple steps.

Credit Card Safety for Online Shopping

Your bank will never ask for your information over email. (Getty Images)

Using a credit card for purchases online is much safer than using a debit card. But even then, you have to be vigilant and keep credit card protection in mind. The new chip credit cards do help prevent cloning, but if the account number is stolen, fraudsters can still use your account online.

According to the Federal Trade Commission, there were almost 1.1 million reports of fraud, identity theft and related crimes in just the first quarter of 2022.

Online fraud is a constant threat, but you can enhance credit card security by implementing the following steps. Here are five ways to practice credit card safety while shopping online.

1. Practice Credit Card Safety From the Start

Here are some steps to take to make sure you're protected from viruses. Don't underestimate how devastating it is to have your computer hijacked by malware, which is malicious software that can collect and share personal and financial information about you.

  • Secure your devices. Before you buy anything online, you need to make sure that your computer has a firewall and that it's turned on. Also, make sure your devices are equipped with software that defends against viruses, spyware and other threats. I use Norton, but there are many options to choose from.
  • Download updates from your provider. You need to stay on top of this. As cybercriminals try new hacking methods, the antivirus providers adjust their products to handle new risks.
  • Change passwords regularly. Every three months or so, update your passwords. And don't use your cat's name or your birthday. There are plenty of free password management tools at your disposal. Pick one, and use complicated passwords with random capitalization and symbols.
  • Keep account information private. Don't share your login information with anyone. Don't give it out over the phone or in public where you could be overheard.

2. Watch Out for Phishing Scams

Phishing scams might come in the form of emails, texts or phone calls. You'll get an email that looks like it's from a legitimate company, and you'll be asked to click on a link or an attachment. But once you click the link or open the attachment, your data gets stolen via malware.

Another example of a phishing scam is to pose as a charity asking for a donation. This often coincides with a major disaster that's in the news, such as a hurricane or a pandemic. You're told it's easy to help – all you have to do, of course, is click the link. If you'd really like to contribute to the charity, get on Charity Navigator and find out if the charity is real.

Here are some clues that you're dealing with a phishing scam:

  • There are misspelled words and odd sentence structures in the emails. Fraudsters might be crafty, but they aren't usually great writers.
  • A trusted financial institution calls you or asks you to email or text your account login information. Your bank or credit card issuer will never ask for sensitive data to be sent that way.
  • A text alerts you that your account information has been compromised. It asks you to click on a link to update your information. The link then takes you to a malicious site that steals your sensitive data. By the way, mobile phishing is referred to as smishing.
  • An email that says it's urgent to act now. This might include a special offer for a low price on an item in high demand. The hope is that you'll react emotionally to grab the offer. And, of course, supplies are limited, so you need to hurry!

3. Protect Yourself Online

Now that your devices are secure, you need to be aware of what can happen if you aren't careful online when you make purchases.

  • Check for the extra "s" in the web address. On unsecured sites, you'll see "http://" at the beginning of the web address, also known as the URL. But on a secured site, you'll see "https://" in the address. The "s" stands for "secured." It's easy to get scammed into thinking you're on your bank's website when you're really not. Don't give account information if you don't see that very important "s" in the URL.
  • Don't make purchases using public Wi-Fi. It's OK to browse online while sipping your triple espresso, but it's not OK to make a purchase using your coffee shop's Wi-Fi. Cybercriminals have access to that Wi-Fi signal, too, and can intercept your data. Now, if you have access to a virtual private network, or VPN, you'll be logged into a password-protected network, and your information will be protected from hackers.
  • Use virtual credit card numbers. A virtual credit cardis one way to keep your account numbers safe. This isn't a plastic card like the one you hold in your hand. It's a randomly generated number that changes whenever you use your real credit card to purchase an item online. Your true account number is never stored on the targeted website. If the retailer's website gets hacked, the fraudster isn't able to use the virtual numbers obtained. Not all issuers offer this, though, so check with your issuer whether this is an option for you. You can also check into using Verified by Visa and Mastercard SecureCode if your issuer doesn't offer extra security for the credit cards you use.
  • Use a digital wallet. A digital wallet allows you to pay for purchases using your smartphone. These apps offer encryption, plus additional protection, such as required authorization. These features make it difficult to steal your sensitive information. PayPal also functions as a digital wallet that offers more credit card security. If it's an option, use PayPal to make payments online, and you'll get added protection.
  • Set up transaction alerts. You can turn on purchase alerts and get notified when your card is used to buy something. Turn alerts on via your preferred mobile banking app, such as the Chase Mobile App. Follow the prompts on your phone to set up your digital wallet and enable purchase alerts by email, text or push notifications. This is an excellent way to catch fraudulent purchases almost right away.

4. Check Your Credit Card Accounts Online

According to the Consumer Sentinel Network Data Book 2021, credit card fraud totaled $181 million in 2021. You can reduce your chances of being a victim of fraud by checking your account information online frequently.

You'll be surprised by how little time this takes. Review your purchases online and look for purchases you or an authorized user didn't make. If you find rogue purchases, that indicates that someone stole your credit card account numbers and used them to buy items. Monitoring your accounts helps you catch credit card fraud in the early stages. Also, look for small amounts under $10. Sometimes, criminals will use the card for little purchases to verify that it's a "live" credit card.

But checking your credit card accounts only helps you monitor your existing accounts. To find out if someone has stolen your identity and opened new accounts in your name, you'll need to check your free credit reports. Look at the listing of accounts and make sure that every account was opened by you.

5. Report Fraud Right Away

If you discover fraudulent purchases or you lose your credit card, report it to your credit card issuer right away. It can freeze your account and stop further purchases. If you find new accounts opened in your name, you need to report that as soon as possible, too. The Consumer Financial Protection Bureau has a list of steps and contact information for the credit bureaus if you've been a victim of fraud or identity theft.

I can't stress enough how important it is to have a sense of urgency when fraud or identity theft occurs. U.S. law states that you can't lose more than $50. But many issuers will give you zero liability if you promptly report fraud.

Updated on June 22, 2022: The story was previously published at an earlier date and has been updated with new information.

Comparative assessments and other editorial opinions are those of U.S. News and have not been previously reviewed, approved or endorsed by any other entities, such as banks, credit card issuers or travel companies. The content on this page is accurate as of the posting date; however, some of our partner offers may have expired.