Consumer risks when shopping online

Contributed by JaneBlack and Kim Parker, as amended by MichaelBarritt and current to December 2024

Online shopping has become an integral part of modern life, offering the convenience of browsing and purchasing from home. It also allows consumers to purchase from a wide variety of businesses, products, and services that may not be available in their local area.

However, it also comes with risks. Cybercriminals frequently target online shoppers, hoping to steal sensitive information or deceive people into fraudulent transactions.

Below, we detail some of the most prevalent dangers and other risks and strategies of online shopping and provide guidance on minimising these risks.

Consumer rights online

When purchasing online, Australians have the same protections and rights under Australian Consumer Law as when shopping at a brick-and-mortar store. This is only the case if the website accepts orders from Australia and mails its products to Australia. However, it is important to remember that seeking a remedy for faulty goods may be more challenging, particularly if the product was purchased from a little-known business or country. Avoid buying online from countries with a reputation for internet fraud and scam activity.

False and misleading advertising and other poor business practices are more common online. Take your time to read product descriptions, business reviews and T&Cs. Searching for and purchasing the lowest-priced products seems like a wise shopping decision, but this increases the risk when shopping online. These websites are often scam websites with stolen images and fraudulent information.

See Contracts and consumer protection for more information on your consumer rights and what to do if you think your rights have been breached.

Is the transaction with a private individual or a business?

Knowing if you’re purchasing online from a private individual or a business is essential. The Australian Consumer Law (ACL) ONLY applies when you buy from a business. You have NO protections when purchasing from a private individual under the ACL.

Many people purchase goods and services from online marketplaces like Meta / Facebook Marketplace, eBay, Etsy and Gumtree. You may be buying from either a registered business or a private person, and it’s sometimes different to determine which. These online marketplaces have their terms and conditions, complaint processes, and refund policies. It is important to understand their policies and consider the risks when purchasing.

Online transactions

As you shop online more you'll become more knowledgeable about the processes involved. You may become more knowledgeable but it's important to avoid becoming too impulsive - this is when mistakes are made.

You should find out the full details of the transaction before you pay. There should be terms and conditions and you should read them all carefully and keep a copy. They will tell you your rights and responsibilities under the agreement and the trader's rights and responsibilities. When purchasing online, it is always important to:

• Read the product description, including the quality
• Carefully examine any images provided
• Carefully consider measurements of goods
• Check that the price is in Australian dollars, including additional costs such as delivery, insurance and credit card charges.
• Check for any return/exchange/refund/warranty policies the trader has regarding the transaction. Remember that a trader cannot exclude, restrict or modify a consumer's rights under ACL consumer guarantees. See Consumer Guarantees
• whether any manufacturers or express warranties also apply
• when and how delivery will take place
• the terms of any insurance (for example, does it include damage to the goods while being delivered?)
• the trader's policy on handling complaints, resolving disputes and dealing with warranty claims
• Please read the terms and conditions of the agreement very carefully because they explain what you and the trader are agreeing to do.
• Keep all correspondence (including emails) between you and the trader, and make a copy of any forms that you fill in and any offers on web pages that you accept, as they will be relevant to your transaction.
• Screenshot receipts/booking numbers of all online sales. Don't just rely on the business to email these details to you.

Identity theft and data breaches

Use strong, unique passwords for each shopping site. Avoid reusing passwords across platforms, as a single breach can jeopardise multiple accounts. Use password manager software to manage various passwords.

If your shopping site offers two-factor authentication (2FA), use it. 2FA adds a layer of security by requiring a second form of verification, such as verifying a text message code sent to your mobile phone.

Monitor bank account and credit card statements regularly. Identify suspicious activity quickly and report it immediately to seek a chargeback.

Phishing Scams

Phishing is a common method cybercriminals use to trick individuals into revealing personal information. Often disguised as official communications from trusted companies, these scams can come in emails, text messages, or pop-up ads containing malicious links. Victims who click on these links might be directed to fake websites designed to capture their login credentials or credit card numbers.

How to avoid phishing scams

Before clicking on any link, verify that the sender's email address matches the business's official web address.

Avoid clicking on links in suspicious emails. If a message seems a little 'off' or asks for sensitive information, visit the site directly by typing in its URL rather than using links in the email. Slowing down and being cautious when checking emails and text messages is important. If you rush, you are likely to click on a link that you would typically ignore.

Legitimate websites generally use "https" in their URLs. Look for this and a lock icon in the browser's address bar to verify that the connection is secure.

Only purchase from well-known and respected online businesses. Chasing the lowest price available can mean that you may quickly discover fraudulent, fake websites.

Fake websites and counterfeit products

Some websites appear professional but are fraudulent, set up solely to deceive and steal from online shoppers. These fake websites may mimic popular retailers or offer goods at unrealistically low prices to entice customers. Another danger is the sale of counterfeit goods, where the buyer ends up with a product of poor quality or something completely different from what was advertised.

Fake websites have increased in Australia, often targeting high-priced items like caravans, RVs, motorhomes, farm and used machinery. These sites can be easily created with modern software with little effort or expertise. Images are stolen from elsewhere on the internet.

Fake website warning signs

Fake websites often display unrealistically low prices, often half the current market value of similar products. Scammers usually lure buyers with extremely low prices to prompt impulsive purchases before consumers can consider the purchase carefully. If the deal seems too good to be true, it's likely a scam.

Many fake sites list false or remote addresses. Using Google Street View to verify business locations can help confirm legitimacy. Call nearby businesses to double-check if the listed business you are interested in actually exists at the listed address.

Updating your device and antivirus software can protect you from malware and alert you to suspicious websites. Reputable antivirus software can detect potentially dangerous sites and will warn you of newly created websites (which can be a good indication that a website is fake).

Websites are easily created with inexpensive software. Gone are the days when fake websites included spelling mistakes and poor grammar. However, these fake websites usually include ridiculous claims, like excessive warranties or industry awards.

Check the domain and URL. Scammers often use URLs mimicking real websites, with slight variations. Confirm the URL's accuracy, look for a lock icon (indicating SSL encryption), and avoid unsecured payment methods.

Search for reviews on independent sites and verify the Australian Business Number (ABN) when provided. However, fake websites will often mimic real Australian businesses and steal their ABN.

Legitimate websites often have contact information and a privacy policy. Be wary if these are missing or if the phone number repeatedly sends you to a message bank.

If you suspect a website is fake, report it to Northern Territory Consumer Affairs on 1800 019 319. NT Consumer Affairs regularly expose fake website warnings (and post other scam warnings) on their Facebook page.

How to avoid fake websites

Shop from reputable websites only. Try to use only well-known, established retailers or marketplaces. If you're interested in a less familiar site, search for reviews from other customers.

Be cautious of deals that seem too good to be true. If a product is significantly cheaper than its average online price, it is likely a scam. Before purchasing online, search various websites to get an idea of the range of pricing you are expected to pay for an item. If a website offers pricing well below the normal, this may be your only indication that it is a fake website.

Always take the time to verify a website's contact information. Legitimate businesses will always list legitimate contact information, including phone numbers and a physical address. A legitimate business, even a small business, usually has an online presence beyond just its website. If it does not, this can be considered a red flag.

Buying from overseas websites

Purchasing products from websites located in other countries can be risky. Much depends on the stability and consumer laws of the country. Some countries have a poor e-commerce reputation. Scammers operate with impunity from these countries, so avoid purchasing from them.

You do have full protection under the Australian Consumer Law when shopping online, but remember, this is only the case if the website accepts orders from Australia and mails its products to Australia.

Online shops should act responsibly and keep people safe by complying with the safety and e-commerce rules of the consumer´s country of residence, but this is not always the case. Learn more here from ACCC Product Safety.

Always look for the warning signs:

• Extremely low prices
• Payments are made through direct bank deposits, money transfers, or digital currencies.
• Newly created websites or have limited information about delivery, return and privacy policies.

Remember to ensure the devices you use for online shopping have the latest updates installed and are connected to a trusted network. Avoid public WiFi when shopping online.

Malware and spyware

Users risk encountering malicious software, such as malware or spyware when shopping online. Malware can infect devices in various ways, including through infected ads or compromised websites, and can capture sensitive data or damage files. Spyware monitors a user's activities, capturing information such as login credentials, banking information, or credit card numbers.

How to avoid It malware and spyware

• Install reputable antivirus software on all the devices you use online. A strong antivirus program can detect and remove many types of malware before they cause harm.
• Update your software regularly, including your operating system, apps, browsers, and antivirus software. Ensure they are up-to-date to protect against the latest security threats and are set for automatic updates.
• Avoid downloading unverified apps or extensions. Only download software from reputable sources, as malicious programs often hide in downloads. Google Play and the Apple Store offer a range of apps that have already been checked for malicious software.

Scams

If the deal seems too good to be true, it might be a scam. Online shopping scams can involve scammers pretending to be legitimate online sellers, either with a fake website or a fake ad on a genuine retailer site. Consumers should check carefully to ensure they are not being scammed. Some of the warning signs of scams are:

• a product is advertised at an unbelievably low price, or advertised to have amazing benefits or features that sound too good to be true
• the other party insists on immediate payment, or payment by electronic funds transfer or a wire service. They may insist that you pay up-front for vouchers before you can access a cheap deal or a give-away
• an online auction seller and any initial bidders have a very poor rating, or the seller wants to complete the sale outside of the auction website. If you do this, you lose any protection offered by the website operator
• an online retailer does not provide adequate information about privacy, terms and conditions of use, dispute resolution or contact details
• the seller may be based overseas, or the seller does not allow payment through a secure payment service such as PayPal or a credit card transaction

The ACCC Scamwatch website provides detailed information about current scams and what to look out for.

Insecure payment methods

Not all online payment methods provide equal security. Some forms of payment, such as direct bank transfers, can leave you vulnerable if a transaction turns out to be fraudulent. Cybercriminals often exploit insecure payment methods, as they lack the protections of credit card and payment platforms.

How to avoid insecure payment methods:

• Use credit cards or reputable payment processors only. Credit cards typically offer better protection against fraud than debit cards or bank transfers. Third-party payment services like PayPal can add an extra layer of security.
• Never transfer money directly into a bank account via direct bank transfer. You have little or no chance to retrieve these funds if it is a scam.
• Avoid using public Wi-Fi for transactions. Public Wi-Fi is often unsecured, making it easier for hackers to intercept your payment information. Only complete transactions over secure private networks.
• Consider using virtual credit cards. Many banks and financial institutions offer virtual credit cards, which generate temporary card numbers that can be used for online purchases.

Unreliable customer support and returns policies

An often overlooked danger of online shopping is the need for more reliable customer support when something goes wrong with the product. Sometimes, returning a faulty item can take considerable time and effort. Unscrupulous businesses might refuse to offer refunds or make the return process difficult, leaving customers with faulty or incorrect products. Some online businesses, however, deal with many returns each day and can be surprisingly efficient in providing a replacement or refund. Many online businesses are aware of the damage that a poor online review can cause and are willing to go beyond the protection provided in the Australian Consumer Law (as well as their own returns policy) to avoid such negative reviews.

How to avoid unreliable customer support and returns policies:

• Read the return policy before purchasing and make sure you understand the terms.
• Check for contact options. A reputable online business will provide ways to contact support by phone or email.
• Check for independent online reviews. Read recent customer support experiences to avoid businesses with a poor reputation.

Dark patterns

Dark patterns are tactics some businesses use to manipulate consumers into spending more or sharing unnecessary personal data. They are common in online shopping, apps, emails, and text messages, and often influence decisions about subscriptions, privacy terms, or services.

Common Dark Patterns:

• Hidden costs and drip pricing: Extra fees are revealed only at the end of a purchase or presented as pre-selected add-ons.
• Scarcity cues: Fake urgency alerts to rush the consumer into purchasing by using countdowns or "low stock" notices.
• Confirm shaming: Language designed to make consumers feel bad if they don't buy, such as "No thanks, I prefer to pay full price."
• Forced continuity: Subscriptions that are easy to join but difficult to cancel.
• Data grabs: Requests for unnecessary personal information, often used to on-sell data.
• Disguised ads: Clickbait or ads designed to look like genuine content, especially on social media.
• False hierarchy: Presenting certain options prominently to nudge you toward the business's preferred choice.

Avoiding Dark Patterns

Consumers can protect themselves by taking the time to research, compare alternatives, read terms and conditions, and check reviews. Avoid rushing into purchases and be mindful of tactics meant to obscure costs or create urgency. If you're feeling pressured, click out of the website and purchase elsewhere on the internet.

Learn more about dark patterns here.

Drip pricing

Depending on what an online business sells, the price can include additional fees and charges for the goods and services. For example, some businesses charge booking and service fees that arise when purchasing goods online through a particular payment method. These additional fees and charges must clearly be disclosed to you at the beginning of the online purchasing process. This ensures the consumer can make an informed choice whether to purchase or not.

Drip pricing is where a headline price is advertised at the beginning of an online purchasing process and additional fees and charges which may be unavoidable are then incrementally disclosed or "dripped". Drip pricing may, in some cases, mislead you into paying more than you expected for a product.

When shopping online, it can be easy to become invested in long and complex booking processes. To avoid drip pricing:

• Be aware of misleading drip pricing practices when shopping online for services in the airline, ticketing, accommodation, and vehicle rental sectors.
• Shop around and be aware that you may need to pay more than what was advertised. Add all the charges together. Don't just focus on the advertised price as the cheapest advertised price may not be the final price.
• Be prepared to back out of the transaction, especially when you start to encounter additional charges.
• Look out for pre-selections and make sure you deselect anything you do not want to purchase.
• Do NOT rush when shopping online. Thoroughly check your booking before you make any final payments.
• Provide an honest online review about businesses that use drip pricing strategies.

If, during an online purchasing process, you experience additional charges that were not adequately disclosed at the beginning of the process, send the business a complaint email asking for redress. Suppose they fail to respond or fail to provide some form of compensation. In that case, you can then lodge a complaint with Northern Territory Consumer Affairs (NTCA).

Online product reviews

Reviews about goods or services may appear on a business' own site, on social media, in a news article, or on a review platform. Review platforms are sites which specialise in presenting product reviews about a range of competing businesses.

When relying on online product reviews for information about goods and services, consumers should be aware that not all posted reviews are legitimate.

It is illegal to post a fraudulent online review in Australia but the practice does happen and in many countries the practice is not outlawed. Artificial intelligence has now made it hard to identify a fake review.

Here are a few tips for consumers who rely on online product reviews:

• seek information from multiple sources
• look at multiple reviews and comments about the same business and take note of any irregularities, such as a spike in positive reviews over a short period of time or multiple reviews with a similar tone and vocabulary, as they may have been posted by the same person
• be wary of reviewers or online contributors whose profile indicates that they have only ever written one review. The profile may have been created to write a fake review.
• use platforms which require proof of purchase before a review can be written are likely to be more reliable than those which do not.
• check to see whether the review platform has commercial arrangements with reviewed businesses.
• be wary of review platforms with overwhelmingly high reviews. This may be attributable to the deletion of credible negative reviews by the review platform.

Many consumers ignore online reviews and choose instead to ask their local Facebook community page, colleagues, friends or family.

Buying through online auctions

When you buy through an online auction, you may be buying from an individual or a business. eBay is an example of an online auction site where both businesses and non-businesses sell goods.

There are generally three types of auctions available online. The type of auction impacts who you might get help from should something go wrong.

• marketplace online auctions - these are a popular way of buying, with a well-known example being eBay. In these virtual markets, a business sets up the website and provides a set of rules and guidelines, but it is mostly left to the individual buyers and sellers to deal directly with each other. In these types of auctions, the business running the website may not be directly involved in the auction process and may not be an agent for the seller.
• traditional auctions - this is where the auctioneer acts on behalf of the seller of the goods. Instead of interested buyers gathering together in person, an online auction house uses a website to create a virtual auction. In this type of auction, the auctioneer may be an agent for the seller.
• auctions are conducted by businesses - this is where the business running the website offers its own products for sale through an auction process.

Before making a bid

• make sure your device has up-to-date security and anti-virus software installed.
• work out what type of auction it is - marketplace online auction (e.g. eBay), traditional auction, or an auction conducted by a business.
• read the auctioneer's terms and conditions, policies and rules to understand the service the auctioneer provides and what to expect.
• if there is a tutorial on the auctioneer's website on how to use the site, take it to familiarise yourself with the services offered and the process involved in purchasing.
• look at how the auctioneer handles frauds and complaints. Some auction sites offer protection to successful bidders in the form of free insurance of up to a specified amount when things go wrong, for example, if the item purchased is not delivered.
• verify the seller's identity and contact details, if possible.
• make arrangements with the seller about what to do if there is a problem.
• If you have any queries, contact the seller. If the seller's answers are unsatisfactory, do not bid.
• Check feedback, comments, or ratings about the site or seller on the website or other websites. Comments from previous purchasers will help you decide whether to go ahead.
• know the product that interests you and shop around. Look at the market or retail price, the written description, any product photographs, and any warranties.
• find out the terms of sale, including:
  • who pays for shipping and handling
  • whether there is insurance, what it covers, who pays for it and what it costs
  • whether there is a return policy
  • whether any express warranties apply to the goods or services and any conditions attached to those warranties
  • whether there is any acknowledgement that the automatic ACL consumer guarantees apply to the goods or services
  • what payment mechanism can be used.

When making a bid or purchase

Work out the maximum price you are willing to pay and do not exceed it. It should include all costs, including insurance, taxes, booking fees, credit card surcharges, shipping and handling.

Setting limits on your willingness to pay means you will not be tempted to bid too much for an item. Auction websites do not permit fake bids, but they may occur.

'Buy it now' option - many auction sites give you the option to buy now without having to bid. If you choose to buy immediately, you will have all your usual shopping rights unless the seller is a private individual and it is a one-off sale.

If something goes wrong in your auction transaction or you feel yourself defrauded, you should take the matter up immediately with the auctioneer or the online seller. If you are not satisfied with their response, contact Northern Territory Consumer Affairs.

Using comparison websites

Comparison websites compare products like insurance, superannuation, credit cards and home loans – any product, but especially those that can be complex to compare easily. They appear to be a convenient way to compare costs and features in one place.

Still, it’s important to be aware of their limitations:

• Comparison websites are businesses – they make money in various ways, such as:
  • from sponsored links
  • by showing sponsored links before non-sponsored links
  • from commissions paid by providers
• ratings and ranking are sometimes not clearly explained
• Not all available products are compared
• Sometimes price is NOT the most important consideration when purchasing
• Scammers can set up fake comparison websites to capture your personal information

What to do when something goes wrong

Issues with shopping online can be many and varied and its best to seek professional advice if you encounter issues. This is particularly important if you suspect you have been scammed.

Please call NT Consumer Affairs on 1800 019 319 for advice.

If you are new to purchasing goods and services online, we encourage you to learn about the process before your first purchase. The internet has many websites that can explain how to purchase safely and what to do if things go wrong. If you have a specific question about buying online, there is an excellent chance the answer is available online. Type your question into your internet browser – this process is how many people learn about many topics quickly and easily.