Protecting yourself online 
  • Research the website/seller’s history and reliability. Reviews and comments from other buyers can help you ensure its authenticity 
  • Use secure payment methods like credit cards and PayPal. These may recover your money if things go wrong. Online shopping scammers will often ask to use money orders, wire transfers or a pre-loaded money card because they’re less secure. Scammers may also ask that you pay with gift cards from the genuine retailer. 
  • Check you’re on a secure web page. These pages begin with ‘https://’ and show a locked padlock symbol in the address bar. These will encrypt your data. 
  • Check if the company has complete, and verifiable, contact details, including street addresses. 
  • Be cautious of links to fake websites on genuine shopping websites and avoid clicking on pop-ups. 
  • Avoid shopping on public networks or Wi-Fi connections as your data is less secure on these networks. 
  • Don’t save CC details to websites. 

Protecting yourself online 
  • Unless you are signing up for a long term payment plan you should not need to provide identity documents as a part of the sale. 
  • Be aware of websites that advertise sales that seem too good to be true. Online shopping scammers may encourage you not to miss out on a particularly good deal. If you are unsure, research the website and find reviews. 
  • Read any refund or return policies, and ensure they seem fair. Genuine websites often have detailed descriptions on their policy. 
  • Ensure the website provides contact details for any customer enquiries. 
  • Don’t interact with sites that ask for too many personal details or ask for identity documents. They don’t need these. 
  • Keep track of your email confirmations, and make sure you receive one before you close your browser. Make a record of reference or receipt numbers. 
  • Make sure you understand the full cost of your purchase, including tax, shipping costs, and international transaction fees. 

Common online shopping scams 
  • Fake retailer websites: Scammers set up websites that look like the genuine retailer. The websites may advertise the same products at highly reduced prices and often charge you through unreliable payment methods. 
  • Online auction sites: Although online auction sites such as eBay are reliable, sellers may attempt to make a deal outside the website to scam you into giving them your money or details. Since these transactions happen outside their jurisdiction, the original legitimate auction site will not be able to help you. 
  • Online classified websites: Scammers may post fake ads on classified websites and you won’t receive what you purchased. Criminals may pose as buyers, and try and get your personal details, get you to refund money or pay advance fees for couriers etc. 

Responding to online shopping scams 

If you suspect your identity has been compromised, or if you have sent money to a scammer, there are steps you can take to limit damages; 

  • ‍If you have bought something online and you believe it may have been a scam, contact the retailer or auction service first. There may be a legitimate reason for your problem, or they may be able to help you recover from the scam. 
  • If you’ve sent banking details, contact your financial institution immediately and try to stop any possible transfers. If you paid by credit card, you may be able to arrange a charge-back through your financial institution. 
  • Assess any identity documents the scammer has access to, and contact the relevant agencies for advice. 
  • If you’ve clicked on any links or pop-ups, make sure to run anti-virus scans on any devices. 
  • Report any scam pages to ACORN. 
  • Be cautious of secondary scams that may attempt to use your details. 
print
Disclaimer

Identity Care Australia & New Zealand Ltd (IDCARE) provides identity and cyber security incident response services (the Services) in accordance with the following disclaimer of service:

IDCARE is Australia and New Zealand’s national identity and cyber incident community support service. We are a not-for-profit charity.

  • The Services provide do not constitute legal advice. IDCARE recommends that you consult a solicitor in relation to your legal rights and obligations, including but not limited to your legal rights or obligations under Australian and international privacy and data protection laws.
  • While every effort has been made to ensure the accuracy of the information in this product or service, to the maximum extent permitted by law all conditions, terms, representations, and warranties (in each case, whether express or implied) in connection with the provision of the Services which might otherwise be binding upon IDCARE are excluded.
  • IDCARE’S liability for any loss or damage suffered by any person or organisation (including, without limitation, any direct, indirect or consequential loss or damage) arising out of or in connection with the Services (including without limitation liability for any negligent act or omission, or statement, representation or misrepresentation of any officers, employees, agents, contractors or consultants of IDCARE) shall be limited to the fees paid by you to IDCARE in respect of the Services. For the avoidance of doubt, this limitation of liability extends to any liability arising from any actions performed or not performed as a result of any recommendations made in course of providing the Services.
  • The Services provided by IDCARE are intended to be provided solely to the initial recipient of this document or service and IDCARE will not be liable to any other person who may receive this document.

While every effort has been made to ensure the accuracy of the information in this alert, IDCARE disclaims any liability to any person in respect to any actions performed or not performed as a result of the contents of the alert or any accompanying data provided. Wider dissemination may be permitted by authority in writing from IDCARE’s Managing Director. If you would like to provide feedback please use our Feedback Form.

Other fact sheets

Our Fact Sheets offer important information on how to prepare, prevent, detect and respond to Identity theft and other cyber related issues.
Facebook Security

Facebook give users the option to enable email or login notifications.

view fact sheet
www.cyber.gov.au and the Police

www.cyber.gov.au or the Police? Which one to report the compromise of personal information?

view fact sheet
Twitter Security

Twitter is a virtual and public forum used by individuals, groups and businesses.

view fact sheet

Success Stories!

CONTACT US

IDCARE is here to provide you with specialist support and guidance when faced with a cyber and identity related issue. Contact one of our Identity & Cyber Security Counsellors to learn more about our Support Services and how we can help you.   
Call IDCARE Icon

AUSTRALIA

1300 432 273
Mon - Fri : 8am - 5pm AEST

Call IDCARE Icon

NEW ZEALAND

0800 201 415
Mon - Fri: 10am - 7pm NZST