Tips to avoid cyber fraud this holiday season.
Think before you click. Those are words to the wise from fraud and cyber-security experts this holiday season, when many consumers turn to their smartphones or iPads to make purchases.
“To avoid getting scammed this holiday season where fraudsters are looking to steal your money, identity and holiday cheer, never trust and always verify,” says Adam Levin, whose credits include being former director of the New Jersey Division of Consumer Affairs, cofounder of Credit.com, and founder of cyber-security company CyberScout.
You don’t have to be rich to be a target, experts say.
“You’re dealing with persistent, clever, weaponized people, and you are their day job. To a hacker or a scammer, you are Kim Kardashian,” Levin said.
So consumers should take time to educate themselves about popular fraud attempts and how to protect themselves, said Trevor Buxton, a certified fraud examiner with PNC Bank.
The pure volume of holiday shopping presents an opportunity for fraudsters: An estimated 164 million people planned to shop during Thanksgiving weekend, according to an annual survey by the National Retail Federation and Prosper Insights & Analytics. That includes today’s Cyber Monday, when online shoppers are estimated at 48 percent of all shoppers, or 78.4 million.
Because many retailers now have chip card readers, fraud at brick-and-mortar stores is down. So scammers have shifted their efforts online, according to the Better Business Bureau in Florida and the Caribbean. Use a credit card — instead of a debit card — to make purchases online, the BBB recommends.
When buying from a website, make sure it’s secure by looking for https in the address (the extra “s” is for “secure”) and for a lock symbol, experts say.
Levin said to go directly to a retailer’s website or use its app to make a purchase, instead of using a link in an email or in social media.
“You think you are getting the discount of a lifetime or an exclusive offer, but this is a phishing attack. When you click on the link, you have just downloaded malware,” Levin said.
You might see a pop-up ad or phishing email where you will be directed to a clone site and asked to provide personal information and credit card information. “This site is only designed to steal your personal and financial data,” he said.
Buxton said fraudsters often take well-known brands and create a copycat website with a few extra words in the URL. To guard against fake sites, search online for the real company’s website. Double check information such as a company’s street address on the site.
Also, watch out for clone apps, experts say. Levin said these may look like they’re from your favorite retailer, but they are infected with malware and designed to steal your data. When shopping on your smartphone or tablet, download apps from an official app store, such as Apple’s iTunes.