Shop at Secure and Trustworthy Websites
On the webpage where you enter your personal or financial information, and if you look at the top of your screen where the website address is displayed, you should see “https
://”. The "s
" that is displayed after "http" indicates that website is secure.
Look for a tiny closed padlock displayed in the address bar or at the bottom of your window. If that lock is open, you should assume it is not a secure site.
Make sure to read the merchant's privacy and security policies to learn how it safeguards your personal data on its computers.
How to Recognize Spoofed Websites
Some cyber criminals use phishing scams to set up convincing spoofs of legitimate websites. They then try to trick you into visiting these websites and disclosing personal or financial information; such as your credit card number or password.
The spoofed site is usually designed to look like the legitimate site, sometimes using components from the legitimate site. Do not rely on the text in the address bar as an indication that you are at the site you think you are. There are several ways to get the address bar in a browser to display something other than the site you are on.
Cyber criminals also use web addresses that resemble the name of a well-known company but are slightly altered by adding, omitting or transposing letters. For example, the address "www.onecard.net" could appear instead as:
If you enter the wrong URL you might be taken to a site that looks exactly like the site you want to go. However, when you enter any login details or personal or financial information on that website, the entered data will be directly transferred to those cyber criminals.
Create Strong Passwords and Keep Them Private
Strong passwords are important protections to help you have safer online transactions. An ideal password is long and has letters, punctuation, symbols and numbers.
- Whenever possible, use at least 14 characters or more.
- The greater the variety of characters in your password, the better.
- Use the entire keyboard, not just the letters and characters you use or see most often.
Cyber criminals use sophisticated tools that can rapidly decipher passwords. Avoid creating passwords using sequences or repeated characters; such as “12345678,” “222222,” “abcdefg” or adjacent letters on your keyboard (qwerty). Also, avoid creating passwords using personal information; such as your name, birthday, driver's license, passport number or similar information.
Treat your passwords with as much care as you treat the information that they protect:
- Never provide your password over email or in response to an email request.
- Do not type passwords on computers that you do not control.
- Do not reveal passwords to others.
- Do not store passwords on your computer but keep them in a safe place.
- Use different passwords for different websites and services.
OneCard and or its representatives will NEVER ask you to reveal your password. There are NO EXCEPTIONS to this policy. If anyone asks for your password by phone or by email, or on any website other than onecard.net, refuse and immediately report this to firstname.lastname@example.org.
Do not Fall for "Phishing" Messages
Identity thieves send massive numbers of email messages to Internet users that ask them to update the account information for their banks, credit cards, online payment service or popular shopping sites. The email message may state that your account information has expired, been compromised or lost, and that you need to immediately resend it to the company.
Some email messages are sent as part of such “phishing” expeditions often contain links to official-looking WebPages. Other times the email messages ask the consumer to download and submit an electronic form.
Remember, legitimate businesses do not ask for sensitive information via email. Do not respond to any request for financial information that comes to you in an email message. Again, do not click on any link embedded within a suspicious email message, and always call the retailer or financial institution to verify your account status before divulging any information.
Never Give Out Your Social Security Number
Providing your Social Security number is not a requirement for placing an order at an e-commerce website. There is no need for the merchant to ask for it. Giving out your Social Security number could lead to having your identity stolen.
Pay Attention to Shipping Facts
Under the law, a company must ship your order within the time stated in its ad. If no time frame is stated, the merchant must ship the product in 30 days or give you an "Option Notice." This gives you an opportunity to cancel the order and receive a prompt refund, or agree to the delay.
Here are key shipping questions to ask:
- Does the site tell you if there are geographic or other restrictions for delivery?
- Are there choices for shipping?
- Who pays the shipping cost?
- What does the site say about shipping insurance?
- What are the shipping and handling fees, and are they reasonable?