Summary:
Welcome to the holiday shopping season. Retailers already anticipate strong sales this year, with retailers projected to generate more than $278 billion in ecommerce alone – an increase of about 11% over 2022.
Unfortunately, another group is watching holiday shoppers this year – cybercriminals. With 65% of respondents doing all of their holiday shopping online this season, crooks are expected to try cashing in by stealing the payment and personal information of unsuspecting shoppers.
Four Common Holiday Shopping Scams
While fraudsters and identity thieves may change the particulars of their attacks from year to year, there are four common scams to watch out for:
1. Online Shopping Scams
With the increase in people shopping via the web, it is no surprise that online shopping scams rank as the second most reported type of fraud in the U.S., with nearly 365,000 reported incidents totaling $358 million in 2022.
Staying vigilant while shopping online can help reduce the chance of identity thieves gaining access to your personal information. Remember, scammers can spoof an online retailer’s website by making minute changes to the URL. Sometimes they’ll add a letter or a word to the URL hoping that victims won’t notice the subtle change.
Before clicking a link, pay attention to where it is taking you. Hover your mouse pointer over hyperlinks to verify the actual URL, and don’t click any tiny URLs or addresses that don’t match what you would expect for a trusted online retailer.
2. Promises of Hard-to-Find Items
Every year there seems to be a must-have toy or gadget that’s considered the hot gift and those popular gifts are often the toughest to find.
The desire to find a hard-to-get item can help cybercriminals, who often promise to sell these gifts to attract victims. They’ll frequently offer them on online marketplaces on social media where the fraudster can take your payment and send nothing in return. To avoid these kinds of scams, the Better Business Bureau suggests buying the item from a local seller and completing the sale face-to-face.
If you must buy from an online marketplace, investigate the seller’s background as much as possible. Make sure they have an established history on the platform and solid ratings from past shoppers.
3. Phishing and Smishing Attempts
Considering the increase in online shopping during the holidays, the use of fake emails and text messages is also a popular tactic. With these scams, fraudsters claiming to be from popular shipping and deliver companies send messages about alleged delivery problems.
Criminals know people are expecting deliveries and will deploy phishing emails and smishing messages to trick individuals into revealing their personal and financial information or downloading malware. In fact, 2023 alone has seen a 1265% increase in malicious emails sends.
If you receive this kind of phishing or smishing message, do not click on any links or call any phone numbers included in the message. Instead, reach out to the retailer or shipping company directly through the customer service contacts listed on their official site to ask if an update about your delivery is legitimate.
4. Fake Pleas for Charity
The season of giving means that people are generally more aware of those in need, so a lot of charitable donations are made at this time of year. Scammers may try to take advantage of this generosity, soliciting for charities that sound familiar but aren’t real or don’t do what they claim to.
To ensure your charitable donations go where you want them to, law enforcement recommends you only give to established charities or groups whose work you know and trust. Before contributing, you can examine a charity’s track record using the Federal Trade Commission’s resources.
Avoiding Holiday Season Scams
The strategies below are designed to help protect your payment and personal information from fraudsters and scammers:
- Review offers carefully. Many businesses have loyalty offers during the holidays, but attackers often mimic these feel-good emails with phishing scams. Remember that if something seems too good to be true, it usually is. If you want to check if an offer or a coupon code is legit, look up the retailer’s contact information on their official website and verify the offer. You may also want to search the internet about the offer, but add words like “complaint,” “scam,” and “reviews” to see if it has been reported as fake. You’d be surprised at how many of these offers get repeated even after being reported.
- Secure your payments. Even when you’ve researched a seller, things can go wrong. Make sure you protect yourself by paying for your holiday gifts in a safe, secure way. Certain payment methods provide greater protection than others. Credit cards are better than debit cards if you need to dispute fraudulent charges. Unlike debit cards, a compromised credit card also won’t open your bank account to the risk of unauthorized withdrawals. It’s also worth noting that fraudsters will try to scam people who use legitimate online payment apps. Payment apps are treated like cash in the same way checks and money orders are, which means you can lose your money without recourse. Payment apps, checks or money orders shouldn’t be used unless you personally know the seller.
- Monitor your accounts, credit and identity. Once you put the holiday decorations away, you still need to be vigilant to ensure your information is safe. Tracking your banking and credit card accounts to ensure your finances are in order is always recommended. It’s particularly important to do so after the holidays. That way, you can confirm your purchases and see if any unexpected transactions appear on your account. In addition to watching your statements, monitoring your credit and Social Security number can detect whether your identity may have been exposed during the holidays. A service like IdentityForce, which provides continuous monitoring with alerts for suspicious activity, can be a simple, effective option to consider.
- Adopt strong security practices. While threat activity may increase during the holidays, cyber threats exist all year. Following the standard recommendations for better security – strengthening your passwords, keeping software updated and not clicking on unknown links or opening unexpected attachments – can help keep you safe now and in the future.