Cybersecurity and Scam Prevention

Tips for safe online shopping

12 December 2023

Busy shopping? Learn tips to avoid cyber threats, stick to trusted sellers, safeguard your payment information, and keep calm in the world of digital deals.

Avoid scams and safeguard your payment information when shopping online

There are always plenty of reasons to shop till you drop. Online retailers roll out massive sales, gift exchanges call for presents, and surely you deserve a little reward — handily paid for by that hard‑earned bonus — for making it through another year of hard work.

It’s easier than ever to indulge in shopping sprees, with more brands and platforms rolling out seasonal sales and enticing discounts. But before you start click‑click‑clicking, or tap‑tap‑tapping on your mobile — remember that increased online shopping also creates more opportunities for cybercriminals to target unsuspecting victims.

The internet has become a prime target for scams, with attackers finding new ways to disguise malicious activity as legitimate. According to the Singapore Police Force, e-commerce scams were the top scam types, and online shopping platforms were one of the top contact methods which scammers used to reach out to victims, along with social media, messaging platforms, and phone calls. So how can you shop online with confidence? This guide breaks down the essentials of safe online shopping and practical steps to protect yourself while navigating today’s digital marketplace.

How to Tell if a Website Is Safe to Buy From

You’re scrolling online, hunting for that perfect pair of shoes, when a site pops up offering the lowest price and free shipping. It looks tempting — but you’ve never heard of the site before. How do you know if it’s trustworthy?

Here are the signs to check before you hit “buy”:

Secure connection: Look for “https://” at the start of the URL and a padlock icon in the browser bar. This shows the site encrypts your data.
Professional design: Watch out for sloppy layouts, spelling mistakes, broken links, or blurry images. Legitimate retailers invest in their online presence.
Customer reviews: Search for feedback on platforms like Trustpilot or Google. No reviews — or lots of negative ones — are red flags.
Contact information: A genuine site provides clear details such as a physical address, working phone number, or customer service email.
Privacy policy: Credible sites explain how your data is collected, stored, and used.
Secure payment methods: Stick to established options like PayPal, Visa, or Mastercard. Be cautious if the site only accepts bank transfers or unusual payment methods.
Returns and refunds: Legitimate retailers publish clear, fair policies for returns, refunds, and exchanges.

Tips for Shopping Online Safely

1. Stick to recognised retailers and trusted sellers

One of the simplest ways to stay safe is to buy only from reputable sources. If you’re unsure about a site’s legitimacy even after checking the basics, it’s better to skip the purchase. That “great deal” could end up costing more than you save.

For variety, established e‑commerce platforms are a safer bet. Many partner with major merchants and host official brand microsites, giving you confidence that the products are genuine. These platforms also tend to have stronger security measures, clear refund policies, and reliable customer support.

This doesn’t mean smaller retailers can’t be trusted. It just means you’ll need to spend more time reading product and store reviews, and checking how often items have been purchased. Doing your deal diligence helps ensure that what you see online — whether in photos or videos — is what you actually receive.

2. Watch out for unusual payment processes

Online payments should follow a straightforward path: entering your card details through a secure channel. Scammers, however, often try to bypass this by steering you to portals they control.

Malicious sellers may send links that require “extra steps” to complete a purchase, only to redirect you to a fake payment site designed to steal your card details. Clicking such links can even install malware on your phone. If you notice an unfamiliar app suddenly appearing, don’t ignore it — it could be malicious. In one case, a victim lost more than $40,000 of CPF savings after downloading a bogus app while trying to buy seafood online.

If you suspect your device has been infected, switch to flight mode immediately to cut off access, then run anti‑virus and anti‑malware scans. A factory reset adds another layer of protection. Keep a close eye on sensitive accounts such as banking or payment platforms, and report any unauthorised transactions right away.

You can also report suspected scams to the authorities through ScamShield, which helps strengthen overall protection against fraudulent activity.

Empowering Citizens with ScamShield

ScamShield is a trusted suite of tools that helps citizens protect themselves against scams, delivering real‑time protection across the digital space.

ScamShield app: Allows users to report suspicious calls, messages (SMS, WhatsApp, Telegram), links, and emails. These reports help block scam numbers flagged by authorities, protecting users from future attempts.
On-Device AI: To protect user privacy, the app analyses incoming SMSes directly on the device. Suspicious messages are filtered into a “Junk” folder, while messages from recognised businesses or your saved contacts are considered safe.
Holistic Support: ScamShield offers a 24/7 Helpline (1799) for immediate verification and assistance.

3. Never tell anyone your OTP

Never share OTP password with anyone for security reasons

OTPs, or one-time passwords, are an important form of two-factor authentication used for logins and payments to ensure that it’s really you who’s performing the action, instead of someone who’s gotten hold of your username and password or payment details.

So alarm bells should go off if anyone asks for your OTP to complete an online purchase. Authentic sellers and customer service officers know better than to ask for it, so if they do, it’s a dead giveaway that they are malicious actors, no matter how professional or helpful they sound.

4. Update your apps and device’s operating system

Always update your apps and operating system to avoid security vulnerabilities

Cybercriminals are constantly probing for weaknesses in devices and the apps installed on them. Phone manufacturers and app developers regularly release updates to patch these gaps — but they only work if you install them.

Keeping your software up to date is one of the simplest ways to strengthen your digital security. Don’t ignore those update notifications: enable automatic updates for your devices, apps, and operating systems. If you prefer manual control, set a recurring reminder to check for and install new versions at least once a week.

5. Choose the credit card over the debit card

Debit and credit cards function in much the same way except for one crucial difference: funds are immediately deducted from your account when debit cards are used, whereas transactions for credit cards are not due right away.

This gives banks precious time to investigate possible fraudulent transactions and reverse the charges if you've been the victim of a possible online shopping scam.

Keep calm and carry on

Ultimately, scams prey on a basic emotion — fear. Whether it’s the fear of missing out on a good deal or the fear that you won’t receive your shopping, scammers want to keep you in a heightened state of anxiety.

So if you feel a welling up of emotion while online shopping, take a step back and ask yourself:

Is there anything strange about the situation?

Am I being made to feel a false sense of urgency so that I throw caution to the wind?
Am I letting my guard down because I just have to grab that awesome deal?

Remember, anyone can be a scam victim, even the internet savvy. If you sense any of these feelings, keep calm and remind yourself — there are so many online sales nowadays that even if you miss out on this one, the next one’s just around the corner. Happy shopping!