For those of us who partake in holiday shopping, we will be making our purchases online instead of in stores this holiday season due to the pandemic. And we’re not the only ones ready for holiday deals. Cybercriminals are ready for them, too. Attackers will be ramping up their efforts to ruin your holiday shopping experience by stealing your money, your identity, and your online accounts. Beware! Practice cyber hygiene as you shop online this season. Fraud prevention tips to keep in mind:
Never Use Debit Cards
Debit cards should never be used for online purchases. If your card number and passcode get stolen, you can kiss your savings goodbye. Use a credit card. Credit card companies won’t hold you responsible for fraudulent charges.
Be Wary of Online Promotions
Don’t click on ads from companies you don’t know. Don’t even click on ads from companies you do know! Visit the company’s website directly. Company promotions will be live on their websites – you don’t need to click a Facebook ad or online ad to get a deal. Cybercriminals will be trying to get you to click on fake ads and visit illicit websites to steal your credit card number and personally identifiable information. Only buy from reputable companies who offer a secure (https) online holiday shopping experience.
Monitor Your Credit Card Transactions
You can be part of the problem or part of the solution. You know attackers are trying to steal credit card numbers – on the front end by intercepting the initial transaction, and on the backend by breaking into company databases. Either way, you can stop criminals in their tracks by monitoring your account and canceling your card the minute you see unauthorized transactions. It’s not hard to do, and it’s so important this time of year.
Watch Out for Email Scams
Cybercriminals are actively trying to lure you into clicking on bad links in emails by using timely subject lines. You will not be the first to get the COVID-19 vaccine, so don’t click on a link promoting such an offer! If the offer sounds too good to be true, it likely is. So don’t even think about clicking that promotional link. Attackers will make their emails look like they are coming from legitimate businesses. And the landing pages will also look credible. But they won’t be, and you’ll be sorry if you take the bait. Educate family members to proceed with caution…
Don’t Respond to Bogus Text Alerts
Malicious actors manifest a sense of urgency to get you to act quickly, without thinking. We received the following text message last Thursday, on the US holiday of Thanksgiving: “Your Amazon account has been locked. Please update your billing information here: https://auth-myaccountnowcom/tVLJ…” See below screenshot.
Everyone is using Amazon to shop for everything from gifts to groceries to medicine. The criminals are appealing to something we know and are actively using. The first telltale sign that this is a phishing attempt is that the URL isn’t from Amazon. The second giveaway is the request for billing information – attackers are looking for personally identifiable information so they can make off with your identity or create accounts in your name. Be extra cautious this time of year. Only click on links in texts and emails from people or organizations you know.
LifeLock has a list of 15 Tips for Safer Online Shopping. Check it out before you check out your next online purchase.