Yes, it is your firewall that is important for shopping over the internet

just make sure that any site that asks you to provide payment details starts HTTPS and not HTTP

That means it's a secure site and your payment information is encrypted so nobody else can read it.

Don't buy from any site which has not got a proper postal address for contacting them

Read descriptions of products very carefully

be suspicious, if anything seems to good to be true it probably is

Never stand up in a canoe

Don't eat yellow snow

Normally when your buying something over the internet you get padlock by the addressbar or your address bar is green with the padlock. Go to www.paypal.com and you could possibly see what I mean.

While it is good that you have firewall and virus protection none of that may stop a phishing attack.

Phishing is where somebody sets up a "pretend" web site to look like an official site.

So they may set up a pretend ebay site, or NatWest bank site or Amazon site or whatever.

Now suppose you get an e-mail with text such as "click on the link below to go to the ebay site (or NatWest / Amazon site) to verify your password".

The link may LOOK as though it goes to the official site, but it goes to the pretend site. You enter your userid and password, and BANG, they have your log on details.

I am afraid no amount of firewall or virus protection is going to stop that. Some browsers and other products MAY have a phishing filter available so you could turn it on (IE7 has one for example).

But the best solution is NEVER CLICK ON A LINK IN AN EMAIL.

If you want to go to Amazon, ebay or whatever then always type the web address yourself, or click on it from favorites (assuming you are happy the link on favorites is genuine)