As more and more people turn to the convenience of online shopping for the holidays, make sure you use your common sense. Cyber criminals are usually one step ahead with ways to steal your money and personal information.
Be a savvy online shopper. Here are some tips you can use to avoid becoming a victim of cyber fraud:
·Do not respond to unsolicited (spam) e-mail.
·Make sure sensitive information is encrypted. Before you supply any sensitive information, look for a URL that begins with “https” instead of “http”. This indicates a layer of security. Also look for a padlock or shield icon, which indicates recognized encryption software.
·Use a credit card. Always use a credit card to pay for transactions, rather than a debit card, money order or other forms of “cash.” Credit card companies will provide a certain amount of protection against fraud, eliminating or at least limiting personal liability.
·Use different passwords for different vendors. Don’t use the same password for all your online shopping accounts. If a password is intercepted or stolen from one account, it makes all your other online transactions vulnerable as well.
·Avoid using open networks. Only shop on secure networks and avoid free “open” Wi-Fi networks, where data or shopping habits may be visible to third parties.
·Keep software up-to-date. Make sure your browser and operating software is up-to-date. Attackers are constantly looking for vulnerabilities in operating systems and manufacturers regularly offer updates to eliminate potential weaknesses.
·Do not click on links contained within an unsolicited e-mail.
·Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders. Scan the attachments for viruses if possible.
·Avoid filling out forms contained in e-mail messages that ask for personal information.
·Watch out for seasonal scams. Be cautious with e-mails claiming to be shipping confirmations or package alerts, particularly if they contain a file attachment. Delete any message from a source that you don’t recognize.
·Always track transactions and shipments through the retailer’s or shipper’s web site. Always compare the link in the e-mail with the link to which you are directed. Determine if they match and will lead you to a legitimate site.
·Log directly onto the official website for the business identified in the e-mail, instead of “linking” to it from an unsolicited e-mail. If the e-mail appears to be from your bank, credit card issuer, or other company you deal with frequently, your statements or official correspondence from the business will provide the proper contact information.
·Contact the actual business that supposedly sent the e-mail to verify if the e-mail is genuine.
·If you are asked to act quickly, or there is an emergency, it may be a scam. Fraudsters create a sense of urgency to get you to act quickly.
·Verify any requests for personal information from any business or financial institution by contacting them using the main contact information.
·Remember if it looks too good to be true, it probably is.
Fraudsters direct victims, via e-mail, to a spoofed website. A spoofed website is a fake site that misleads the victim into providing personal information, which is routed to the scammer’s computer. Beware of e-mails or text messages that indicate a problem or question regarding your financial or bank accounts. Internet criminals will attempt to direct victims to click a link or call a number to update an account or correct a purported problem. The links may appear to lead you to legitimate websites, but they won’t. Any personal information you share on them could be compromised.
If you are expecting a delivery, the major legitimate delivery service providers, such as UPS or FedEx, do not e-mail customers directly regarding scheduled deliveries. You must have an existing account for this type of communication. Nor will they state when a package has been intercepted or is being temporarily held. E-mails about these issues are phishing scams that can lead to personal information breaches and financial losses. Do not respond to requests for personal information.
Be wary of buying products through classified ads on auction websites. Internet criminals post classified ads, often on auction sites, for products they do not have. They make the scam work by using stolen credit cards. Fraudsters receive your order, and then charge your credit card for the amount of the order. But they use a separate, stolen credit card for the actual purchase. They pocket the purchase price obtained from your credit card, and have the merchant ship the item directly to you. Consequently, an item purchased from an online auction but received directly from the merchant is a strong indication of fraud. Victims of such a scam not only lose the money paid to the fraudster, but may be liable for receiving stolen goods.
When purchasing from an auction site, carefully check the seller’s rating and feedback, along with their number of sales and the dates on which feedback was posted. Be wary of a seller with 100 percent positive feedback, with a low total number of feedback postings, or with all feedback posted around the same date and time.
Fraudsters will also offer reduced or free shipping to auction site customers. As for product delivery, fraudsters posing as legitimate delivery services offer reduced or free shipping to customers through auction sites. They operate their scam by providing fake shipping labels to the victim. The fraudsters do not pay for delivery of the packages. The delivery service providers, therefore, intercept the packages for nonpayment. The victim loses the money paid for the purchase of the product.
It’s safest to purchase gift cards directly from merchants rather than through auction sites or classified ads. If the merchant discovers the card you received from another source was initially fraudulently obtained, the card will be deactivated.
If you have received a suspicious e-mail, file a complaint with the Internet Crime Complaint Center: www.ic3.gov.
For more information on e-scams, visit the FBI’s E-Scams and Warnings webpage: www.fbi.gov/scams-safety/e-scams.