Never submit a credit card number or other highly sensitive personal information without first making sure your connection is secure (encrypted). In Netscape, look for an closed lock (Windows) or unbroken key (Mac) icon at the bottom of the browser window. In Internet Explorer, look for a closed lock icon at the bottom (Windows) or near the top (Mac) of the browser window. In any browser, look at the URL (Web address) line - a secure connection will begin "https://" instead of "http://". If you are at page that asks for such information but shows "http://" try adding the "s" yourself and hitting enter to reload the page (for Netscape or IE; in another browser, use whatever method is required by your browser to reload the page at the new URL). If you get an error message that the page or site does not exist, this probably means that the company is so clueless - and careless with your information and your money - that they don't even have Web security. Take your business elsewhere.

Your browser itself gives away information about you, if your IP address can be tied to your identity (this is most commonly true of DSL and broadband users, rather than modem users, who are a dwindling minority). For a demo of how much detail is automatically given out about your system by your browser, see: privacy.net/analyze.

Also be on the lookout for "spyware" - software that may be included with applications you install (games, utilities, whatever), the purpose of which is to silently spy on your online habits and other details and report it back to the company whose product you are using.

Examine privacy policies and seals.

When you are considering whether or not to do business with a Web site, there are other factors than a secure connection you have to consider that are equally important to Web security. Does the site provide offline contact information, including a postal address? Does the site have a prominently-posted privacy policy? If so, what does it say? (Just because they call it a "privacy policy" doesn't mean it will protect you - read it for yourself. Many are little more than disclaimers saying that you have no privacy! So read them carefully.) If the policy sounds OK to you, do you have a reason to believe it? Have you ever heard of this company? What is their reputation? And are they backing up their privacy statement with a seal program such as TRUSTe ( http://www.truste.org/ ) or BBBonline ( http://www.bbbonline.org/ )? (While imperfect, such programs hold Web sites to at least some minimal baseline standards, and may revoke, with much fanfare, the approval-seal licenses of bad-acting companies that do not keep their word.) If you see a seal, is it real? Check with the seal-issuing site to make sure the seal isn't a fake. And examine terms carefully, especially if you are subscribing to a service rather than buying a product. Look out for auto-rebilling scams and hidden fees.

Microsoft Windows and Microsoft Internet Explorer are registered trademarks of Microsoft Corporation, Mac is a trademark of Apple Computer, Inc., Netscape is registered trademark of Netscape Communications Corporation, JavaScript is a trademark of Sun Microsystems, Inc; special thanks to EFF's