Consumers are regularly warned to be extremely careful about putting their Social Security and credit card numbers online and to use long and convoluted passwords to protect themselves from cyber thieves.
But there are additional not-so-obvious ways to ward off web crooks, said the Internal Revenue Service in an advisory this week.
Even a Facebook post boasting of a new car can help thieves bypass security verification questions to steal from you.
The IRS advised consumers to only use shopping and banking sites where the information is encrypted so users can protect their information as it travels from their computers to the companies’ servers.
To determine whether a site is encrypted, look for “https” at the beginning of the web address (the “s” is for secure).
“Look for ‘https’ on every page of the site you’re on, not just where you sign in,” the IRS said.
If you are tempted by an online offer, but worry it’s too good to be true, the agency recommended that you type the name of the company or the product into a search engine with terms like “complaint” or “scam.”