How to stay safe shopping online

Being vigilant online and taking cybersecurity seriously is important at all times of year. But especially in the rush to grab a bargain during big shopping events such as ‘Black Friday’ or ‘Cyber Monday’.

Here are some simple tips to stay safe online and avoid falling victim to a scam:

Digital best practices

Before shopping online, there are steps you can take to secure your computer and devices:

Choose an impenetrable password. Passwords should be strong and unique. Avoid obvious themes, such as variations of your birthday. Also, don’t rely on using numbers or symbols as a replacement for letters.

When using multiple accounts online, it’s tempting to use the same password. However, if your password is compromised for one site, it’s compromised for all. Try a password manager, which will help you create and store strong passwords for all your online accounts.

Secure your devices. Enable new security features on your devices to keep them protected. Consider six-digit passcodes, fingerprint or facial login, and two-factor authentication (2FA).
Use antivirus protection. Be sure to install antivirus and malware protection. Always have this running in the background and update it frequently.
Get covered. For peace of mind, consider getting cyber insurance as part of your home insurance policy where not included as standard.

Avoiding Black Friday shopping scams

To avoid would-be scammers, being vigilant is key.

The most common scam which ensnares web users is phishing. Scammers are increasingly convincing in mimicking trusted organisations, lulling the user into a false sense of security.

Buying through scam sites could lead not only to orders never appearing, but payment details being taken fraudulently.

Also beware of ‘unpaid shipping’ scams. These are messages claiming to be from delivery companies like DPD or Royal Mail, telling you there’s a small fee which needs to be paid to release a delivery. Clicking the link takes you to a bogus site, intending to harvest your information.

Check the URL

The URL is the website address displayed in the browser. This can often give clues as to whether a website is legitimate. Sites such as ‘’ are legitimate, whereas variations such as ‘’ may not be. You can check if a URL is safe by searching 'Google Transparency report' online.

Only use secure sites

Make sure that the websites you use have the padlock symbol in the browser address, as these will keep your data encrypted.

Pay through a trusted third party

If you want to use a site which isn’t a well-known, trusted brand, avoid giving them your payment details directly. Use a trusted payment handler such as PayPal or WorldPay when you check out, if you can.

Stay email alert

Before engaging with emails asking you to do something, check the sender matches the company’s website address. Be especially wary of emails requesting personal information, or that you change your password or payment details.

Even if the email seems legitimate, you’ll be better off going directly to the company website, rather than clicking on the link.

Don’t pay by bank transfer

When buying online, never be persuaded to make a direct payment into a bank account. Making credit or debit card payments comes with certain consumer protections, whereas bank transfers will not.

Be smart about app downloads

Only use shopping apps downloaded from official sources, be cautious about what you are downloading and pay attention to details. Scammers can take advantage of people signing up for subscriptions by luring them into a short-lived free trial that then converts into an expensive, recurring expense. Also, make sure you are carefully reading what the app can access. Do you really need to give a shopping app access to your list of contacts?

Take caution buying through ads and offers

Before you think of making a purchase through an advert on Instagram or Facebook, or even downloading a voucher, perform an Internet search about the ad you received for words like “complaint” or “reviews” and you may uncover a scam related to the promotional offer.

If it seems too good to be true, it probably is

If an item is significantly cheaper than through other sellers, approach with caution. Do you know the website? Is it a trusted retailer? Did you find it via an unsolicited link?

A fraudster may set up a website designed to look like a legitimate seller, but with no plans to ship you any goods you may buy. Before purchasing from any seller, research them online for any scam reports. Duplicate favourable reviews found on different sites are a red flag of false product promises.

Remember, often it’s worth sticking to the old saying - if it seems too good to be true, it probably is.

Personal Cyber cover for peace of mind

Personal Cyber cover through NFU Mutual Bespoke Home Insurance gives you peace of mind, with dedicated support and cover up to £50,000 a year* should you fall victim to cybercrime, plus access to a 24/7 Cyber Assistance Helpline.

Expert help whenever you need it from your personal cyber security team

Want to learn more about how to prevent a cyber incident? Looking for a second opinion on a suspicious call or email? Need immediate support in the event of a cyber attack?

If you’re a NFU Mutual Bespoke Home Insurance policy holder, NFU Mutual Bespoke Cyber Assistance Helpline, administered by CyberScout, can offer advice and guidance and access to cyber experts and fraud specialists.

You’ve got 24/7 access, 363 days a year** - just call the Helpline and have your NFU Mutual Bespoke policy number to hand.

Helpline number:  0800 138 8211

*Terms and conditions apply

**Closed Christmas Day and Boxing Day