According to a recent report from online safety campaigners, Get Safe Online, online fraud cost the UK around £10.9 billion in 2016. That’s a whopping £210 per adult.

Online shopping is a top target for fraudsters. They want to kid you into thinking they’re a real shop with real products, so you’ll hand over your hard earned cash.

Fraud doesn’t have to be about money, either. Data breaches could give people access to your phone number or email address. And that means those annoying cold calls or spammy emails that are so frustrating.

Avoiding this type of crime could be as simple as knowing what to look out for. If something doesn’t look right, it probably isn’t. Below, we’ll take you through some of the things that you should and shouldn’t see when you’re shopping online.

Things to look out for

Sites should have the letters, ‘HTTPS’ before their URL

We know this sounds like a load of technical mumbo-jumbo, but it’s actually really simple. And really important. Most sites will have the letters ‘HTTP’ before their URL (their web address). At the risk of boring some of you, HTTP stands for Hyper Text Transfer Protocol and is the weird cyber language that the internet uses.

We care about sites that have an ‘S’ after the HTTP. The S means the site has extra security that helps keep fraudsters at bay. Some sites, like ours, will have HTTPS on the entire site (every single page you click on). Others will only have it on checkout.

If a site doesn’t have HTTPS on their checkout, make sure you use a payment provider.

Make sure payment providers are legitimate

A lot of online shops won’t process payments themselves. That’s because they don’t have the time to check everyone’s card details and make sure they are who they say they are.

Instead, they’ll use a payment provider. You’ll have heard of many of these: Paypal, Amazon Pay, Apple Pay, Worldpay etc. Some of these allow you to make payments on the site itself. Some will take you off to a separate payment page.

Most of the time, the website you’re shopping from will tell you that the payment provider opens in a separate ‘window’. When the new window opens, take a look at the URL (e.g and the payment provider logo.

Then, do a google search.

If the payment provider's main website address is different to the one in the payment ‘window’ (e.g it has instead of .com), cancel the payment and contact the shop immediately.

The URL is real

Some criminals will create duplicate websites that look and work exactly the same as the original. They hope that you won’t be able to tell the difference.

But, it’s easy to spot these fake sites. No two web addresses can be the same, so the fake site will have to have a different address to the real one. Do a google search for the company and make sure the URL you find matches the one you’re looking at.

Things to avoid

Asking you for details you don’t feel are reasonable

A website will need certain information to make sure you are who you say you are, but they shouldn’t need any ‘sensitive data’.

Sensitive data is information such as ethnic background, religious or political beliefs, mental health history, or criminal record.

If the site asks you for this kind of information, you should ask yourself why they need to know.

Funny-looking sales emails

From time to time, companies will send you emails inviting you to make the most of their latest offers. These can be a good way of saving money, but they can also be another opportunity for fraudsters to target you.

Criminals often copy the look and style of a company and send emails pretending to be them. Here is a quick checklist to bear in mind before you open any email:

- Were you expecting it? Have you signed up to receive emails from that company?

- Does the ‘from’ address look real? (for instance, looks real. does not.)

- Is the subject line grammatically correct? (Big companies spend a lot of money on getting these emails right. They wouldn’t let silly things like misspellings go out to customers).

- Is the subject line personalised? A lot of fraud emails will be vague e.g Dear Valued Customer.

- Does it offer you something that seems too good to be true? e.g you are the winner of….

Once you feel comfortable enough to open it:

- Does all the branding and font look correct?

- Hover over a link before you click it. A yellow box should appear which shows where the link will take you. Does the link take you where it says it will?

Making yourself as safe as possible

So now you know a few things to look out for. But being safe when shopping online isn’t limited to making purchases. Make sure that whenever you’re inputting information online, you make it as secure as possible.


Passwords should be as complicated and random as possible. They should have nothing to do with you and shouldn’t be stored anywhere.

A good rule of thumb is the 3 random word rule. With this rule, the password should be 3 unconnected words and include a number, a capital letter and punctuation. For example:


It is also good practice to change your passwords regularly.


Firewalls are basically security walls for use on a desktop computer. They limit the types of site you can go on (usually alerting you if you’re heading for a dodgy-looking website). You can buy good firewall and defence packages from most good computer shops.

Update your device

After making sure your personal photos and information are secure in another safe location, update your device when prompted. Updates often come with updated security and are harder to access for criminals.

Don’t do it if it doesn’t feel right

The key advice from all of these tips is: if you’re not sure, don’t take the risk. The fraudsters rely on you not being vigilant, so stay one step ahead.


Disclaimer: Satsuma is not responsible for the content of the linked sites and we are not liable for any losses caused by the use of the suggested sites.