SHOPPING ONLINE: WATCH OUT FOR SCAMS

It’s the most wonderful time of the year, but also the most dangerous for online shoppers… the holidays mean big business for retailers—and a peak opportunity for scammers. As online shopping surges, the criminals go where the money is and fraud stemming from online shopping is at an all time high during Black Friday and Cyber Monday.

Here are a few common year-round scams that can be a greater threat during the holiday season—and 5 simple steps you can take to fend off the world’s Grinches and fraudsters who are heavy on naughty, totally lacking in nice.

Fake emails and sites

Don't click on the links in email or attachments: Email is the number-one way cybercrime of all forms happens. Hackers send what’s called a phishing site that looks exactly like a real shopping site when, in fact, it's a copy of that website. So when you type in your credit card information and password, that information gets sent straight to the crook.

In the same way that you should avoid clicking on email links, don’t open up attachments from retailers. Retailers won’t hide deals in attachments – that’s where attackers hide malware.

Avoid pop-ups and ads:
Malware and viruses aren’t just spread via email. They can follow you around the Internet in the form of pop-ups and advertisements — aka malvertising, or malicious advertising. These types of ads can send you to sites that ask for your information, but they can also infect your device with a wide variety of harmful programming including adware, spyware and ransomware. This is a form of malware that locks up your computer or specific files and forces you to pay to get access back.

Open sites directly:
So When your favorite retailer sends you an email with a tempting promotion and out of this world discount code, don’t simply click on it. Go directly to the retailer’s website by typing its name in your browser, rather than clicking on a link. If a deal is legitimate, it will be on the company’s site.

Watch the URL:
When shopping online, check the website’s URL carefully. Legitimate sites are generally secure, and will display the “https:” instead of just “http.” The added “s” signals the site is secure. I a lso recommend you look for the lock symbol at the left-hand side of the search/URL bar—another indication that a site is secure. If there’s a website that does not have the locked symbol or the ‘s’ in the http portion of web address, do not do business there.

WATCH THIS:



Don’t shop over free Wi-Fi: Spoiler alert: public Wi-Fi is not safe. I know it’s so tempting to do your shopping while waiting in line for a pumpkin latte at Coffee Bean, but you end up paying big time in the end. Hackers use public Wi-Fi networks to snoop. Even worse, some will set up fake hotspots in an attempt to capture login information for the accounts you access and any credit card numbers you may input. So make sure you use a secure private Wi-Fi connection to shop. If you absolutely need to use public Wi-Fi, use a Virtual Private Network, or VPN, that will encrypt your browsing history and activity. Hotspot Shield Free is a free VPN that will allow you to connect up to five devices from one account.

Skip the Debit Card: When shopping online it’s best to stick to credit cards or payment services like Paypal. Because debit cards are linked to your bank account, you’re at much higher risk if someone is able to hack your information. Credit cards offer more protection and less liability if a card number gets stolen. This is one time when it pays to put it on plastic.

Here are a few others:

Fake charity scams are usually at their peak during the giving season. Scammers can create a bogus duplicate of a legitimate charity, hosted at a URL that looks legitimate

Holiday greetings should also be approached with caution, especially if an e-card arrives from out of the blue. Hackers will sometimes send these cards out to everyone on the contacts list of a compromised email account. Attackers might also have obtained information about your family from a data breach and be impersonating someone using a newly registered email account.