Experts estimate that 2019 will bring the first trillion-dollar holiday shopping season in the US, with 96% of people choosing to do at least some of their shopping online.

But all the convenience in the world is all for naught if you get ensnared in an online shopping scam, which, unfortunately, abound. In the UK alone, online shopping scams cost consumers £58 million per year. That doesn’t mean that you should swear off online shopping — just that you need to take precautions.

What kind of online shopping scams are there?

Where there’s money, there’s crime, and online shopping is no exception. Scammers have a variety of tricks up their sleeves:

Phishing: fraudsters lure you in with phony emails or other means to get you to unwittingly tell them personal details, like your passwords and credit card numbers. For example, they could send you fake coupons or deals and urge you to follow a specific link. So definitely be wary of any deals that sound too good to be true (they probably are).

Pharming: malware on your system causes your computer to secretly redirect you to fake websites, even if you typed the URL of the correct, authentic site into the search bar.

Website spoofing and unsafe websites: hackers can create fake versions of popular websites to trick you into using them so they can steal your information or install malware onto your system.

Unsafe Wi-Fi: unsecured Wi-Fi networks can allow hackers to see everything on your screen, including usernames, passwords, and credit card numbers.

Fraudsters rarely target specific people. Rather, they cast a wide net and hope to lure in those who are either careless or uninformed. That’s why we’ve assembled a list seven tips that should greatly reduce your risk of being tricked.

1. Stick to trusted brands and sites

Despite past high-profile credit card breaches at places like Target, the big names in retail go to great lengths to secure their sites and mobile apps to ensure safe shopping. But before you click that “buy” button, you should still make sure to check that the website is safe to buy from:

Double check that the name is spelled right in the URL (so “target.com” not “targett.com”)

If you use a company’s app, make sure it’s legitimate

Be wary of anything that seems off, like colors that don’t match the brand, or lots of typos or spelling errors

When visiting an e-shop in your browser, make sure it uses SSL (Secure Sockets Layer) encryption. This creates a secure line of communication between your PC and the ecommerce site. Just look for the “S” at the end of HTTP in the address bar of your browser. (It sometimes appears only after you’ve logged in or clicked to the cart.)

Look for the "S" at the end of the http.

2. Scrutinize all offers, alerts, or warnings

A warning that your account will be closed unless you send in essential information; that could be a scam. A coupon just for you waiting in your inbox; that’s probably a scam. A chance to be a mystery shopper if you provide bank info, also a scam. That super cute wallpaper with the holiday theme — scam, scam, scam. That package notice that tells you to click here (but doesn’t quite look like UPS) — scam! Those Facebook promotions that take you to external sites — SCAMS!

Okay, okay, not everything is a scam, and we want to avoid fear mongering. The key here is to scrutinize any offer, alert, or warning. Deals that look too good to be true usually are. Anything that asks for personal information or credit cards by email is very likely criminal. Check the email address of the sender and mouseover any links (but don’t click) to see where they really take you. And pop-up windows NOT from your antivirus provider that warn you that your PC is infected should be closed along with the site that launched them.

Legitimate retailers will never threaten to close your accounts if you don’t send crucial information. In fact, they will never ask for account or personal information by email (or phone, for that matter). So if you have even the slightest doubts about the probity of emails, messages, pop-ups, websites, offers, and so forth, don’t click, reply, or call. Close all the windows and move on.

3. Use your own kit

By this we mean hardware and software. Never shop or check email using a PC at a café, hotel, library, or other public location that may be used by multiple people. If you must shop through public Wi-Fi (using only your own device), always use a VPN (virtual private network). A personal VPN such as AVG Secure VPN encrypts all the data traveling between your device and the retailer’s payment portal to keep it secure. And if you have a decent data plan and LTE, use your smartphone and your mobile connection instead of public Wi-Fi when out and about.

4. Use a credit card & check for return policies

You should always use credit cards for shopping online (not debit cards!). Credit cards usually offer greater buyer protections, with set limits on how much you are liable for if someone steals your number or rips you off. And online payment systems such as PayPal, Google Wallet, Stripe, and Payoneer provide an extra layer between you and retailers, meaning you never share personal or account information with the retailers.

Meanwhile, legitimate retailers almost always allow returns. Online retailers usually have a no-questions asked return policy. Traditional brick-and-mortar retailers often allow you to return items purchased online at physical stores. If return policies do not exist, are hard to find, or in any way convoluted, find another shop.

5. Deploy ultra-strong passwords (and a password manager)

One of the best things you can do to ensure safety while shopping online is also one of the most basic: use a strong password. This applies to all accounts on all sites you access. Don’t repeat passwords or use easy-to-crack variations — that’s right, you need a unique password for each and every account. Given that this can mean dozens of passwords that are difficult to remember, we also suggest you use a password manager.

6. Update your system

For Windows, Microsoft regularly issues updates and security patches. To fully implement them, you often need to restart your PC. If you’re like many people, you might leave your PC on for days or even weeks at a time (putting your PC to sleep or into hibernation doesn’t count). So it’s a good idea to check if any updates are waiting to be installed before you embark on a shopping spree. To do this in Windows 8 and 10, simply go to the Microsoft/Start Menu and type “Windows updates”, then click on the eponymous icon.

Here’s how that looks in Windows 8:

Just type in Windows update

The resulting Window then lets you check for updates; or it tells you if there are updates waiting and that the PC needs to restart. For instance:

Make sure you restart your PC!

Make sure you have everything saved and bookmarked before. Then restart.

The process is basically the same in Windows 10. Here’s what the update screen looks like:

7. Build a fortress around your PC

If you don’t have antivirus software, be sure to get it. Even better, get a paid version that also has extra spam, hacker, and download protection, such as AVG Internet Security. While this is a shameless plug, it is also a serious suggestion. The added layers of protection stop scammers from infiltrating your inbox, block hackers, and check downloads for safety before they land on your hard drive. Even security experts have accidentally clicked a link they shouldn’t have because they were tired or trying to do something quickly. So the more safeguards you have in place, the better.

Final thought

As the above list suggests, caution should be your guiding principle for shopping online. If something looks fishy or off, don’t take any chances. Shut everything down, run a virus scan, restart the PC, and start over. There are almost endless options for online shopping out there, so make sure to choose one that will make your day, not ruin it.