The shopping season is here, and so is the busy season for online fraud. If you're going to shop online, be sure to take measures to protect yourself from identity theft and only shop from trusted companies. And don't go click-happy with every holiday-themed link that comes your way.
Massachusetts-based Identity Truth has put out a few tech-safe shopping tips:
- Online shopping - Prior to making any purchases online, be sure to update your computer with anti-virus software. It is true that browsing and shopping online can save money, time and effort. Keep in mind that it is extremely easy for someone to set-up a shop online. It is essential that you know exactly who you are making purchases from and have assurance that they are reputable. Try to locate security icons prior to divulging any personal/financial information. Look for URLs that display "https" instead of "http, the “S” stands for secure.
- ATM Machines - When replenishing the holiday funds while on the go, try your best to withdraw money from Bank lobby ATM’s and limit yourself from acing your funds through ATM Kiosks. Why? Stand alone Kiosks do not have security cameras monitoring them and are statistically more likely to be infected with skimmers- electronic devices that allow thieves to record account numbers and PINs of unsuspecting users.
- Credit Card vs. Debit Card - Which one is safer? Under the Fair Credit Billing Act, Credit Cards provide consumers protection again fraudulent charges and your liability is limited to $50. You also have the right to dispute charges and withhold payment during investigation. Debit Cards are entirely different. Although they market themselves to deliver the same protection, they are not required to by any law. Bottom line, your liability for fraudulent charges is the entire amount in your checking account as well as the credit line you have been authorized to receive.
But don't let your guard down after your online shopping is done. Malicious e-mails love to prey on people in the holiday spirit who have a trusting attitude. AppRiver in Gulf Breeze, Fla. has released the following tips to avoid being suckered into fraud:
- Fake Holiday E-Cards - These popular greeting cards are often replicated and used to transport malicious malware such as the Storm Worm virus, which infects the recipient's computer and then uses it to control additional computers. Consumers can avoid falling prey to these attacks by discarding e-cards from senders they don't recognize or by going to the official website of the greeting card provider, which typically will have instructions for safely retrieving a legitimate greeting.
- Credit Card Phishing - As holiday spending gets underway, consumers are likely to see an increase in emails supposedly from financial institutions, claiming missed credit card payments, unauthorized transactions or problems with the recipient's account and containing a link to enter the correct financial data. Unsuspecting shoppers are also vulnerable to phishing campaigns that use replicas of legitimate e-commerce sites, such as eBay, Amazon and PayPal, to extract credit card numbers and account information. For secure online banking and shopping, always open a new browser and go directly to the retailer's website rather than following a link, and never respond to emails or pop-up windows asking for financial information.
- Charity Scams - Cybercriminals often exploit the holiday spirit of giving with mass email campaigns claiming to be from charities, and this year is no exception. To ensure that donations go to a worthy recipient and not into spammers' pockets, always go directly to a charity's official website and thoroughly research the organization before providing personal information or making a donation.
- Social Networking Spam - Spammers and phishers are increasingly using social networking sites such as MySpace to target certain demographics with unsolicited advertisements or free gift offers. These messages often appear to come from an online friend and can range from mere annoyances to phishing scams designed to harvest email addresses or steal account logins and passwords. Individuals should use privacy settings to restrict who can access their information on these sites and should never click on a link posted by an unknown source.