Protect Yourself from Holiday Shopping Scams

Even though the highly publicized retail data breaches have involved off-line brick and mortar stores, this doesn’t mean that security is high with online shopping. Scammers and hackers are waiting for you in more ways than you know, such as: 9D

  • Fake product reviews
  • Non-existent products
  • Delivered products that don’t match what was seen on the retail site
  • Shoppers being tricked into typing their credit card information into a purchase form on a phony shopping site
  • Malicious attachments and phishing emails offering too good to be true discounts to install malware on your device.

Let’s explore online shopping scams in more detail.

First up are malicious links and malments (malicious attachment).

  • You receive an e-mail pitching a great product deal; click on the link to learn more or to make the purchase. The scammer often makes the e-mail look like it came from a leading retailer. Clicking the e-mail may download a virus, or take you to the scammer’s website where you’re tricked into “buying” non-existent products—giving out your credit card information.
  • An e-mail may contain an attachment that, when opened, downloads a virus.
  • The e-mail may appear to come from UPS (but it’s really from the crook), and if you just by chance recently ordered something for delivery by UPS, you’re then easily tricked into clicking a “track your order” link.
  • Never click links or open attachments from e-mails that you’re not outright expecting, especially if there are typos in the message.

Coupons

  • If it’s too good to be true, then it’s too good to be true.
  • Be suspicious if a coupon site with fantabulous deals wants all sorts of personal information from you, as in, “What do they need to know that for?”
  • Fraudulent coupon sites often have typos including poor punctuation.
  • Annoying pop-up windows should send you running.

Gift Cards

  • Same thing as above: If it’s too good to be true, then assume it’s a scam.
  • Just delete any gift card e-mails pitching amazing deals, especially if there’s a link in the message.
  • Never fill out personal information in a form inside an unsolicited e-mail for some fantastic deal.

Not every gift card related e-mail is fraudulent. If the e-mail appears to be from someone you know, contact that person for verification before opening any attachment or following any links. A tip that it’s legitimate is that it has a code so that you can claim the gift; a tip that it’s a scam is that it’s asking you for your credit card information.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

8 ways to avoid holiday shopping scams

So what will you be doing this holiday season to avoid getting scammed? The scammers really come out of the woodwork during the holidays, waiting to snatch their victims. It’s easier than you think to avoid getting ripped off or getting your entire bank account sucked dry. Here’s how to avoid getting tangled in a scammer’s net: 9D

  • Always inspect every purchase on your credit card statements to make sure you recognize them.
  • If you must go with a lesser-known seller (because the product is very unique), then first Google them for any bad reviews. Keep in mind that raving reviews may have been set up by a scammer, but the presence of bad reviews is very telling. A clue that excellent reviews were set up by a fraudster is that identical ones appear on different sites.
  • Back up your data. Why? When all else fails and your data and devices have been destroyed by malware, a cloud backup like Carbonite allows you to not only recover all your data, but it helps you sleep at night.
  • Never click a link inside an e-mail that appears to have come from a retailer, UPS, the government, etc. Even if you just purchased something from Amazon, that e-mail “from” Amazon that contains a link is –you can bet on this — the work of a scammer. Clicking on the link may download a virus, or lead you to a site that lures you into giving your credit card number, SSN and other vital data to a cyber thief.
  • Sellers can also be victims of scams. A common one is that the buyer overpays the seller with a phony check, pretends it’s an innocent mistake, and then asks you to wire back the difference.
  • If you’re buying from individuals instead of businesses (think: eBay), meet potential buyers and sellers in public locations. If you’re buying, inform the seller you’ll initially meet without cash just to inspect the item.

Robert Siciliano is an expert in personal privacy, security and identity theft. Learn more about Carbonite Personal plans. See him discussing identity theft prevention. Disclosures.

8 Ways to Ensure Safe and Secure Online Shopping this Holiday Season

So, who’s on your holiday gift list this year? That list is a lot longer than you think; consider all the names of hackers that have not yet appeared on it. Scammers will do whatever it takes to get on your holiday gift list! Here’s how to keep these cyber thieves out of your pocket:

  • Before purchasing from a small online merchant, see what the Better Business Bureau says and also search Google for reviews.
  • If you see an unexpected e-mail allegedly from a retailer you shop at, don’t open it. Scammers send out millions of trick e-mails that appear to be from major retailers. They hope to trick gullible shoppers into clicking on them and revealing sensitive information. So many of these scam e-mails get sent out that it’s common for someone to receive one that appears to be from a store they very recently purchased from.
  • When shopping online at a coffee house or other public spot, sit with your back to a wall so that “visual hackers” don’t spy over your shoulder. Better yet, avoid using public Wi-Fi for online shopping.
  • Back up your data. When shopping online it’s highly probable you’ll stumble upon an infected website designed to inject malicious code on your device. Malware called “ransomware” will hold your data hostage. Backing up your data in the cloud to Carbonite protects you from having to pay the ransom.
  • Save all your financial, banking and other sensitive online transactions for when you’re at home to avoid unsecure public Wi-Fi networks.
  • Change all of your passwords to increase your protection should a retailer you shop at fall victim to a data breach. Every account of yours should have a different and very unique password.
  • Ditch the debit card; a thief could drain your bank account in seconds. Use only credit cards. Why? If a fraudster gets your number and you claim the unauthorized purchase within 60 days, you’ll get reimbursed.
  • Review your credit card statements monthly and carefully. Investigate even tiny unauthorized charges, since thieves often start out small to “test the waters.”

Robert Siciliano is an expert in personal privacy, security and identity theft. Learn more about Carbonite Personal plans. See him discussing identity theft prevention. Disclosures.

Post Holiday Online Shopping Security

When it comes to online security, don’t let your guard down just because the holiday shopping frenzy has passed. In fact, this may be the very time to put your guard up even higher.

4HThough it’s smart to have your radar on for the scammers during the holidays, the scammers don’t exactly go slithering back under their slimy rocks once the New Year is here. So here’s how to be safe online during, and after, the holiday season.

  • Never click a link inside an e-mail. Better yet, delete, without even opening, any e-mails with subject lines promising great offers, gifts, prizes, money or other hyped-up things.
  • If you don’t see the “https” before the Web address in the address bar, the site is not secure. A secure site always has “https” preceded by a padlock symbol.
  • Be suspicious of “too good to be true” offers that are tweeted or messaged through social media.
  • Do you shop on eBay? Then shop on eBay, not through e-mails supposedly sent by eBay. These are scams.
  • Speaking of eBay, always review the feedback of the seller.
  • Another thing to look for is the domain name of anything you received via e-mail. Scammers typosquat or cybersquat on legitimate domains.
  • You can upgrade your protection by doing your online shopping only with reputable, well-known retailers. Though some purchases will be an exception (e.g., home-baked chocolate chip cookies), other purchases like electronics, appliances, linens and consumables should be purchased from trusted merchants.
  • Shop online only when your connection is secure; Unless you use a VPN, never shop in cyberspace from a hotel’s, airport’s or café’s Wi-Fi connection. And make sure your computer’s security is always updated.
  • Never use a debit card online, because if a scammer takes your money, it will be gone that instant from your checking account. With a credit card, at least you won’t have to pay the bill if the fraud is reported within 60 days.
  • Never make an online purchase with your checking account—this means money being withdrawn before you receive the product…that you might never receive anyways.
  • Check credit card statements every two weeks if it’s set up online, and check every paper statement.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention.

7 Careful Commerce tips when Shopping this Holiday Season

Frosty the Hackman is teaming up this season with the Grinch to scam people out of their money. Shopping online is a godsend, but it brings with it a pristine opportunity to be ripped off.
http://www.dreamstime.com/stock-images-online-risks-sign-road-banner-image34668294

  1. Avoid Phishing Scams. Never click on links inside e-mails even if they’re (allegedly!) from Macy’s, Kohl’s or some other big-name retailer. Scammers can easily make an e-mail appear legitimate. The e-mail inside the message may take you to a website that downloads a virus to your computer.
  2. Thwart Visual Hackers. Planning on doing some online shopping on your lunch break? Some hackers steal data by literally snooping over the shopper’s shoulder and if your credit card number, social security or other personal identifiable information happens to be on display on screen, you will be at risk. If you couple the 3M company’s ePrivacy Filter with their 3M Privacy Filter, “visual hackers” won’t be able to see from side angles, and you’ll be alerted to those peering over your shoulder and from most other angles.
  3. Do Your Research. If you want to buy from an unknown little retailer, hunt for reviews first. Be alert to phony reviews to make them look great; identical reviews across different sites are a bad sign. Check the Better Business Bureau’s rating for retailers you visit.
  4. Be Wary of Free Wi-Fi While it might be tempting to double check your bank account balance or get some emails done while you’re waiting in line for the register, if you’re accessing an unencrypted network you are putting yourself and your personal information at risk for data theft.
  5. Credit over Debit. If you get ripped off, the money is gone the second the card is used. At least with a credit card, you have some time to issue a dispute, and the card company will usually give you a full credit.
  6. Review Your Credit Regularly. Since you’ll be using your credit cards more frequently during the holidays, it’s important to stay on top of your statements to make sure there are no fraudulent charges.
  7. Mind your Passwords. To increase your security across the web, update your passwords during the holiday season in case one of your favorite retailers is hacked. Even if these sites are not infiltrated, right away consider changing your passwords across the board to better protect yourself down the road. And while it is annoying to remember different passwords, it’s important to very them for optimal protection.

Robert Siciliano is a Privacy Consultant to 3M discussing Identity Theft and Privacy on YouTube. Disclosures.