Hey Sara, welcome aboard. There are alot of variables when it comes to security, especially with e-commerce. You have local security, ie: ensuring your system doesn't have any logging software or monitoring software like keyloggers or other various rat's or trojans.

Then you have trust security, where you as a user are basing your trust in the website in question.

For example - you're browsing across a website that hyperlinks ebay.. or what appears to be ebay.

You click on the link and it takes you to loginebay.com - visually the websites resembles ebay.com to a T, however it is a mimic'd fake website which upon entering your login details, will archive these details and then possibly direct you to the official ebay website. You've entered your details into a database without even knowing it.

This is just one of various scenarios that come into play. There are other areas like XSS to watch out for - but in general - ensure thatthe URL is the correct URL for the website. Also install a phishing filter for whatever web browser you are using.

Be weary about websites that are not well known or legitimate looking. If in doubt, a quick google of the website will usually spill back results on whether it's legit or not.

Common sense is usually the best practice for purchasing online. It is very safe, provided you be on your toes for scams.