Surfing the Web and e-Shopping
You can now stay at home with the world at your fingertips. All kinds of things
can now be done online, from shopping and banking to studying and research. These
are basic security tips for surfing the web and e-shopping.

DOs

- Ensure that your operating system and web browser (Internet Explorer,
  Firefox, etc.) are fully patched and up to date before surfing the
  web.
- Install and run a personal firewall as well as anti-virus software
  with the latest virus signatures.
- Check the terms and disclaimers of any e-shopping site before using
  its services, e.g. check personal privacy statements, etc.
- Choose well-known or trustworthy e-shopping sites.
- Take note of key measures when providing information or making a
  purchase on a web site:
  - Informed consent on personal information
- Check the security level of e-commerce web sites before submitting
  personal information and conducting transactions (e.g. SSL:
  check for the https prefix, the lock icon in your browser, or the
  issuing authority of the site's digital certificate).
- Apply for a digital certificate for electronic transactions.
- Consider using encryption to protect sensitive data transmitted over
  public networks and the Internet.
- Keep a copy of transaction records. Most e-commerce sites present
  you with a summary of your transaction before you click a Send or
  Buy button. Print this out or save it as a file to refer to later
  if necessary.
- Avoid submitting any data that is irrelevant to the purpose for which
  it is being collected. Be particularly cautious if asked for personal
  information, such as credit card or bank account numbers.
- Be alert to the latest news on sites that are notorious for suspicious
  activities, or labeled as "bad sites".
- Remember to log off at the end of a session.
- Use different sets of logins and passwords for different web applications
  and services.
- Change the passwords you use in critical web applications regularly
  if a one-time password is not supported.
- Report abnormal behaviour to your service provider or ISP immediately.

DON'Ts

- Don't turn on options that enable active content (e.g. ActiveX,
  Java, JavaScript, cookies) in your email application or your browser
  except when communicating with a trusted source. This will help prevent
  malicious code attacks.
- Don't download data or software from unknown sources.
- Don't try to visit untrustworthy sites just out of curiosity.
- Don't forget to check the privacy policy of a web site, ensuring
  that the personal data you provide is properly used and protected.
- Don't reply to or directly click any links embedded in an unexpected
  email message, such as emails requesting you to log into your
  account in order to confirm the use of the account. Check with the
  company/bank if you are uncertain about a message.
- Don't log in to critical web applications from a public computer.
- Don't cache your username and password in your workstation.