Is Your Online Shopping App Invading Your Privacy?

Online shopping has become a common activity for many people. It’s convenient, easy, and allows us to buy items from the comfort of our homes. But with the rise of online shopping, there are concerns about privacy and security.

Not all shopping apps are created equally. Often people get excited and install an app without checking privacy practices. Apps can collect more data from your smartphone than you realize. Whether you use your phone for personal use, business use, or both, your data can be at risk. So can your privacy.

Shady Data Collection Practices from Popular Shopping App SHEIN

Recently, security experts found a popular shopping app spying on users’ copy-and-paste activity. This app was tracking users’ keystrokes, screenshots, and even their GPS location. This raises the question: Is your online shopping app invading your privacy?

SHEIN is the app in question, and it’s a popular shopping app with millions of users. According to reports, researchers found the app collecting data from users’ clipboards. This included any text that users copied and pasted. This means that if the user copied and pasted sensitive information, the app would have access to it including things like passwords or credit card numbers.

Not only that but the app was also found to be tracking users’ GPS location. SHEIN was also collecting data from device sensors, including the accelerometer and gyroscope. This means that the app was able to track users’ movements. As well as collecting information about how they were using their device.

The app’s developers claimed that the data collection was for “optimizing user experience.” A very vague explanation that’s used by other app developers as well. The developers stated that the collected data was only used for internal purposes. But this explanation wasn’t enough to please privacy experts. Those experts raised concerns about the app’s data collection practices.

Temu Data Collection Practices Questioned

This isn’t the first time people caught an app grabbing data without users’ knowledge. Many popular apps collect data from their users, often for targeted advertising purposes.

The popularity of the shopping app Temu has been exploding recently. Since the app appeared in a Superbowl Ad in 2023, people have been flocking to it.

But Temu is another shopping app with questionable data collection practices. Some of the data that Temu collects includes:

  • Your name, address, phone number
  • Details you enter, like birthday, photo, and social profiles
  • Your phone’s operating system and version
  • Your IPS address and GPS location (if enabled)
  • Your browsing data

So, what can you do to protect your privacy when using online shopping apps? Read on for a few tips.

Tips to Protect Your Privacy When Using Shopping Apps

 

Know What You’re Getting Into (Read the Privacy Policy)

Yes, it’s hard to stop and read a long privacy policy when you just want to use an app. But, if you don’t, you could end up sharing a lot more than you realize.

Before downloading an app, make sure to read its privacy policy. This will give you an idea of what data the app takes and how it’s used. You can try searching keywords like “collect” and “your data” to save time. This can help you jump to data collection details.

If you do this before you download, you may change your mind. After learning how much data the app collects from you, you may decide it just isn’t worth it.

Turn Off Sharing Features

Turn off any data-sharing features you don’t need in your phone’s settings. Such as location services. Most smartphones allow you to choose which apps you want to use it with.

Explore both your phone settings and the app’s settings to restrict data sharing as much as possible.

Remove Apps You Don’t Use

If you’re not using the app regularly, remove it from your phone. Having unused apps on your phone is a big risk. Even if they’re not actively in use, those apps can still collect data. For example, browsing activity or your activity in other mobile apps.

Research Apps Before You Download

It’s easy to get caught up in a fad. You hear your friend talk about an app, and you want to check it out. But it pays to research before you download. Look up the app and check security and data collection keywords. Inform yourself first before downloading an app that might be compromising your device data and activity.

Shop on a Website Instead

You can limit the dangerous data collection of shopping apps by using a website instead. Most legitimate companies have an official website. One where you can buy the same things as you can buy using the app.

Improve Your Mobile Device Security

Mobile devices are regularly used more than computers. But they often lack the a desktop computer’s level of security. Give us a call today to schedule a chat about protecting your mobile device data.

 


Featured Image Credit

This Article, adapted, has been Republished with Permission from The Technology Press.

9 Urgent Security Tips for Online Holiday Shopping

The holiday shopping season is taking off! Alas, this also means that scammers have also revved up their engines, too—they’re primed and ready to take advantage of all those online transactions.

Don’t forget to stay safe online during the buying frenzy that occurs this time of year. We here at Firewell Technology Solutions believe that an ounce of cybersecurity prevention is definitely worth a pound of cure. It can also save you from a financial or privacy nightmare.

That being said, here are some of the most critical safety tips to improve your online holiday shopping.

Check for Device Updates Before You Shop

Computers, tablets, and smartphones that have old software are vulnerable. While you may not want to wait through a 10-minute iPhone update, it’s going to keep you more secure.

Hackers often use vulnerabilities found in device operating systems. Updates install patches for known vulnerabilities, reducing your risk. Make sure to install all updates before you use your device for online holiday shopping.

Don’t Go to Websites from Email Links

Yes, it’s annoying to have to type in “amazon.com” rather than just clicking a link in an email. But phishing scams are at an all-time high this time of year. If you click on an email link to a malicious site, it can start an auto-download of malware.

It’s best to avoid clicking email links; instead, visit the website directly. If you want to make things easier, save sites as shopping bookmarks in your browser. This is safer than clicking a text or email link.

Use a Wallet App Where Possible

It’s always a risk when you give your debit or credit card to a website. The risk is even higher if you’re doing holiday shopping on a site you haven’t purchased from before.

Where possible, buy using a wallet app or PayPal. This eliminates the need to give your payment card details directly to the merchant. Instead, you share them with the wallet app service (Apple Pay, Google Pay, PayPal, etc.). But the retailer doesn’t get them.

Remove Any Saved Payment Cards After Checking Out

There are many websites (including Amazon) that automatically save your payment card details. This is bad. Yes, it may make the next buy more convenient, but it puts you at risk. A hacker with access to your device or account could make purchases.

There is also the risk of a data breach of the retailer. These are common and can leak sensitive customer payment information. The fewer databases you allow to store your payment details, the better for your security.

Immediately after you check out, remove your payment card from the site. You will usually need to go to your account settings to do this.

Make Sure the Site Uses HTTPS (Emphasis on “S”)

HTTPS has become the standard for websites now. This is instead of “HTTP” without the “S” on the end. HTTPS means that a website encrypts the data transmitted through the site. Such as your name, address, and payment information.

You should NEVER shop on a website that doesn’t use HTTPS in the address bar. An extra indicator is a small lock icon in front of the website address.

Double Check the Site URL

We all make typos from time to time. Especially when typing on a small smartphone screen. One typo can land you on a copycat site (such as Amazonn(dot)com).

Hackers buy domains that are close to the real ones for popular retailers. Then they put up copycat sites designed to fool users that make a mistake when typing the URL.

Take those extra few seconds to double-check that you’ve landed on the correct website. Do this before you start shopping.

Never Shop Online When on Public Wi-Fi

When you connect your device to public Wi-Fi, you might as well expect a stranger to be stalking you. Hackers LOVE the holiday shopping season and will hang out in popular public Wi-Fi spots.

They spy on the activities of other devices connected to that same free hotspot. This can give them access to everything you type in such as passwords and credit card information.

Never shop online when you’re connected to a public Wi-Fi network. Instead, switch off Wi-Fi and move to your mobile carrier’s connection.

Be On High Alert for Brand Impersonation Emails & Texts

Phishing scammers were very active during the holiday shopping season of 2021. There was a 397% increase in typo-squatting domains connected to phishing attacks.

While you need to be careful all the time about phishing, it’s even worse during the holiday season. Attackers know that people are expecting retailer holiday sales emails. They also get a flurry of order confirmations and shipping notices this time of year.

Hackers use these emails as templates. They impersonate brands like Target, UPS, Amazon, and others. Their emails look nearly identical to the real thing. They trick you to get you to click and/or log in to a malicious website.

Be on high alert for brand impersonation emails. This is another reason why it’s always better to go to a site directly, rather than by using an email link.

Enable Banking Alerts & Check Your Account

Check your bank account regularly. Look for any suspicious charges that could signal a breach. One way to automate a monitoring process is to set up banking alerts through your online banking app.

For example, many banks allow you to set up alerts for events such as:

  • When a purchase occurs over a specified dollar amount
  • When a purchase occurs from outside the country

How Secure Is Your Mobile Device?

Mobile malware is often deployed in holiday shopping scams. How secure is your device from malicious apps and malware? Contact Firewell Technology Solutions today for a security checkup.

 


Featured Image Credit

This Article, adapted, has been Republished with Permission from The Technology Press.