Safely Shopping Online

<  Back to Fact Sheets
Online shopping 

Online shopping has made the shopping experience more efficient and more accessible. Unfortunately, some websites are not as genuine as others. You may find you have been charged for a product you never receive, or that the vendor is asking you for identity documents in exchange for receiving your purchase. Low security on shopping sites means hackers can steal credit card details. This fact sheet will provide some tips on how to safely shop online, and steps you can take if something goes wrong. 

Protecting yourself online 
  • Research the website/seller’s history and reliability. Reviews and comments from other buyers can help you ensure its authenticity. 
  • Use secure payment methods like credit cards and PayPal. These may recover your money if things go wrong.
  • Online shopping scammers will often ask to use money orders, wire transfers, a pre-loaded money card, or to make direct deposits into their bank account. They may also ask that you pay with gift cards from the genuine retailer. 
  • Check you’re on a secure web page. These pages begin with ‘https’ and show a locked padlock symbol in the address bar. These will encrypt your data. 
  • Check if the company has complete, and verifiable, contact details, including street addresses. 
  • Be cautious of links to fake websites on genuine shopping websites and avoid clicking on pop-ups. 
  • Avoid shopping on public networks or Wi-Fi connections as your data is less secure on these networks. 
  • Don’t save credit card details to websites. 
  • Unless you are signing up for a long term payment plan you should not need to provide identity documents as a part of the sale. 
  • Be aware of websites that advertise sales that seem too good to be true. Fraudulent online shopping sites may encourage you not to miss out on a particularly good deal. If you are unsure, research the website and find reviews. Read any refund or return policies, and ensure they seem fair. Genuine websites often have detailed descriptions in their policy. 
  • Ensure the website provides contact details for any customer enquiries. 
  • Don’t interact with sites that ask for too many personal details or ask for identity documents. They don’t need these. 
  • Keep track of your email confirmations, and make sure you receive one before you close your browser. Make a record of reference or receipt numbers. 
  • Make sure you understand the full cost of your purchase, including tax, shipping costs, and international transaction fees. 

Common online shopping scams 
  • Fake retailer websites: Scammers set up websites that look like the genuine retailer. The websites may advertise the same products at highly reduced prices and often charge you through unreliable payment methods. 
  • Online auction sites: Although online auction sites such as eBay are reliable, sellers may attempt to make a deal outside the website to scam you into giving them your money or personal identity information. Since these transactions happen outside their jurisdiction, the original legitimate auction site will not be able to help you. 
  • Online classified websites: Scammers may post fake ads on classified websites and you won’t receive what you purchased. Criminals may pose as buyers, and try and get your personal details, get you to refund money or pay advance fees for couriers etc. 

Responding to online shopping scams 

If you suspect your identity has been compromised, or if you have sent money to a scammer, there are steps you can take to limit damages; 

  • ‍If you have bought something online and you believe it may have been a scam, contact the retailer or auction service first. There may be a legitimate reason for your problem, or they may be able to help you recover from the scam. 
  • If you’ve sent banking details, contact your financial institution immediately and try to stop any possible transfers. If you paid by credit card, you may be able to arrange a charge-back through your financial institution. 
  • Assess any identity documents the scammer has access to, and contact the relevant agencies for advice. 
  • If you’ve clicked on any links or pop-ups, make sure to run anti-virus scans on any devices. 
  • Report online shopping fraud to Report Cyber (in Australia) or contact New Zealand police by calling 105 or online
  • Be cautious of secondary scams that may attempt to use your details. 

For additional support or information, contact IDCARE by submitting a Get Help Form or call 1800 595 160 (Aus) or 0800 121 068 (NZ).


Identity Care Australia & New Zealand Ltd (IDCARE) provides identity and cyber security incident response services (the Services) in accordance with the following disclaimer of service:

  • IDCARE is Australia and New Zealand’s national identity and cyber incident community support service. IDCARE is a not-for-profit and registered Australian charity.
  • The Services provided do not constitute legal advice. IDCARE recommends that you consult your own legal counsel in relation to your legal rights and obligations, including but not limited to your legal rights or obligations under Australian and international privacy and data protection laws.
  • While every effort has been made to ensure the accuracy of the content provided, to the maximum extent permitted by law all conditions, terms, representations, and warranties (in each case, whether express or implied) in connection with the provision of the Services which might otherwise be binding upon IDCARE are excluded.
  • IDCARE’S liability for any loss or damage suffered by any person or organisation (including, without limitation, any direct, indirect or consequential loss or damage) arising out of or in connection with the Services (including without limited liability for any negligent act or omission, or statement, representation or misrepresentation of any officers, employees, agents, contractors or consultants of IDCARE) shall be limited to the fees paid by you to IDCARE in respect of the Services. For the avoidance of doubt, this limitation of liability extends to any liability arising from any actions performed or not performed as a result of any recommendations made in the course of providing the Services.
  • If you would like to provide feedback please use our Feedback Form.


IDCARE is here to provide you with specialist support and guidance when faced with a cyber and identity related issue. Contact one of our Identity & Cyber Security Case Managers to learn more about our Support Services and how we can help you.   

Get help

Submit a web request

Call Centre Icon


1800 595 160

Mon - Fri: 8am - 5pm AEST

QLD: 07 3555 5900
ACT & NSW: 02 8999 3356
VIC: 03 7018 2366
NT, SA & WA08 7078 7741

Call Centre Icon

call our NEW ZEALAND

0800 121 068

Mon - Fri: 10am - 7pm NZST

AKL: 09 884 4440