Advertiser Disclosure

Beware of Scams During the Holidays

Nov. 8, 2012
Shopping, Shopping News
Many or all of the products featured here are from our partners who compensate us. This may influence which products we write about and where and how the product appears on a page. However, this does not influence our evaluations. Our opinions are our own.

The holiday shopping season is here, and shoppers are expected to dig deeper into their pockets. A new survey by Accenture shows consumers will spend about $582 on average just for holiday shopping this year. Moreover, an incredible 23% of consumers are expected to spend more than $750 on holiday gifts, increasing holiday spending from previous years. However, this year more than 50% of consumers are switching to shop online to find discounts for holiday gifts and to avoid the madness of Black Friday bargain hunters.

But as more people shop online for discounts, cyber criminals are waiting to take advantage. Therefore, NerdWallet has listed the latest online scams for this holiday season.

1. Smartphone Scams

Because smartphones are so portable and convenient, more and more people are using their smartphones for online shopping. Lawyer, Professor at Bentley University, and Scam Expert, Steven J.J. Weisman, Esq., cautions online shoppers when using smartphones and mobile devices: “The biggest scams that online shoppers are not aware of is the great risk presented by shopping with their mobile devices and smart phones. Tainted phony apps can be downloaded on to your mobile device or cell phone that will install keystroke logging malware programs on your devices that will steal all of the information from your smartphone including your Social Security number, your credit card number and your passwords.  The combination of people often not even thinking to password protect their phones and mobile devices as well as failing to utilize security software for their phones and mobile devices puts them in great damage of identity theft.” Many people aren’t aware of the dangers of shopping on their smartphones because we rarely hear of people’s phones being hacked, but in fact, personal and financial information is downloaded from mobile devices every day without the user’s awareness. Weisman suggests some ways to protect yourself when using your smartphones for online shopping: “Don’t download apps except from legitimate sources such as Apple’s App Store. Your smart phone and other mobile devices should be password protected with a hard to break password.  These devices should also have security software installed to protect you from viruses and malware.  This software should be constantly updated.”

2. Aid to Hurricane Sandy Victims

In the wake of Hurricane Sandy, there are now scams out there that target and take advantage of natural disasters and anything tragic in the news. If you plan to donate funds or material goods to aid Hurricane Sandy victims and rebuilding efforts, make sure you are donating to a credible charity organization. Do not click on links from unsolicited spam emails and beware of organizations with names that sound similar to reputable charities. Here are some more Hurricane Sandy scam tips from the Herald-Dispatch.

3. Unsolicited Emails

Don’t click on links or open attachments in emails from people that you don’t recognize. Scammers often send phishing emails to steal your personal information or hack into your computer especially during the holidays when people are looking for shopping deals. According to Derek Manky, Senior Security Strategist at Fortinet, “Spammers and scammers love the holidays, because they know a large number of people on the Web during that time have their wallet open and are looking for bargains. And while it may be really tempting to click on an email link that says, ‘Great Deal on iPads… 50% off!’ be careful! By clicking on that link, you could be taken to a compromised Website that downloads malware onto your computer.” There are all kinds of different malware attacks that can result from unsolicited phishing emails. “That malware can then be used to capture your computer key strokes, download additional malware, such as fake antivirus applications, or simply turn your computer into a spam generator,” says Manky. The Security Strategist also offers suggestions on what to do if you see unsolicited emails in your mailbox: “If the deal looks too good to be true, it probably is. But if you’re still tempted to click on that link, place your cursor over the link (without clicking on it) and check the URL where you would be directed had you clicked on it. If you don’t recognize the URL, stay far away.” Also, avoid emails with suspicious attachments or emails that ask you to update your account information or change your password because your personal information may get compromised.

4. Social Media Scams

Droves of people are now connected via social media and constantly sharing daily life updates and popular links on Facebook and Twitter and more. Scammers exploit social media to spread bogus promotions that often require clickers to fill out online surveys to steal their personal information. Executive Director of the Identity Theft Council and CEO of My Security Plan, Neal O’Farrell discusses how scammers use social media to their advantage. “Facebook is very popular with scammers, and the scams range from infected links to click and like-jacking (where the thieves generate advertising revenue from “likes” of bogus pages), to fake coupons, competitions, and sweepstakes. If you’re surfing for deals, consider using one of the many free safe surfing tools, like McAfee Site Advisor, that will tell you if a site is suspicious before you click on it.”

Andrew Schrage, co-owner of Money Crashers Personal Finance, emphasizes how common social media scams can be. “One of the latest scams involves social media. Be wary of any suspicious links you see on your Facebook feed or Twitter account, even if they have been posted by one of your friends. You could end up at a website that downloads spyware onto your computer to steal your personal information.”

If you see your friends sharing suspicious spam links, don’t click on the links but tell your friends that their social media account has been hacked so that they can take action to fix their account.

5. Craigslist Scams

Craigslist continues to be a popular online venue for finding unexpected deals on anything from appliances and furniture to cars and concert tickets. But Schrage from Money Crashers warns that Craigslist scams are abundant. “If you agree to buy something from a Craigslist seller, only pick it up in person – do not pay to have it shipped. Be sure to meet in a brightly lit public place, and take a friend along if possible. People have been robbed and even physically injured during Craigslist transactions that go bad.” Also, if you conduct your transaction in person, bring a strong friend so you don’t meet the seller alone and don’t even buy the item if the deal sounds like too good of a bargain.

There are many more nefarious scams out there that target people online during the holiday season but just remember to always be cautious of what you’re doing online can save your personal information and your money from falling into the wrong hands.

6. Unsecure Wi-Fi Hotspots

Scammers know that tablet and smartphone shopping is on the rise and, in turn, take advantage of gadget users. Manky from Fortinet underscores the consequences of using unsecured Wi-Fi hotpots in a jam: “If you’re a holiday shopper who likes to augment online shopping with actual store browsing and like toting your notebook along for the ride so you can do quick price comparisons, do not connect to an unknown unsecure hotspot. An unsecure hotspot allows hackers to capture any and all data that’s flowing to and from the hotspot, enabling them to intercept logins and passwords, email messages, attached documents and other personal and confidential information.” If you can’t help but jump online while shopping, go to familiar places that offer secure Wi-Fi connections. When you’re connected to a public unsecured Wi-Fi connection, never log into email or social networks or any personal accounts because any of your private data, passwords, or account information could be saved and accessed by any hacker who knows how to take advantage of it.

7. Untrustworthy Search Engine Results

Hackers know that the search terms “black friday” and “black friday deals” get millions of searches during the weeks prior to Black Friday. Search Engine Optimization (SEO) attacks will be common especially during the holidays when cybercriminals game the ranking algorithm of search engines like Bing or Google to drive their virus-ridden websites to the front page of key word search lists for popular holiday search terms. Clicking on these links could take unsuspecting deal-seeking shoppers to malicious websites that immediately compromise your computer and steal personal information. When you’re looking for Black Friday deals, be incredibly cautious and don’t click on suspicious URLs even if top search engines display them as the top results. Hover over hyperlinks with your cursor to see if the link directs you to a website that is not what you searched for. Also, if the text preview of the search result is just a list of keywords and not full sentences, the search result will probably lead you to a malware site that you should definitely avoid.

8. Unknown Coupon Websites

Lots of scams target Black Friday and Cyber Monday shoppers who get lured in by phony coupons that don’t work or lead you to fake websites that just steal your credit card and personal information. These coupon websites that provide these fake coupons only want to steal your identity or surreptitiously install malware on your computer. To avoid unknown coupon websites, don’t fall for unbelievable coupons for hot holiday products like iPad’s and Wii U’s. Do some research to make sure the coupon website is credible, legitimate and not compromised by server attacks. Always maintain up-to-date Anti-Virus protection on all your computers to block any viruses or malware from attacking your computer and compromising your personal information. The FBI provides valuable tips to protect your computer, which includes installing a firewall, turning your computer off when not in use, and frequently updating your Antivirus and Antispyware software.

9. Bogus Email Receipts

When you shop online, every online store big and small sends customers receipts via email soon after your purchase, but beware of fake email receipts for things you never ordered. O’Farrell, Executive Director of the Identity Theft Council, warns “this is the easiest scam of all. The scammers send you a bogus receipt by email, maybe waiting for the busiest shopping days, for some large purchase you never made. In panic, you open the attached receipt only to find the gift in question is either a piece of malware that takes over your computer, or a link to a phishing web site that tries to steal your personal information.” Make sure you keep track of your purchases so you can immediately delete the bogus email receipts.

10. Gift Card Scams

Giving gift cards as holiday presents is growing in popularity to give to people who are hard to shop for so they can choose something they want. However, gift cards are extremely easy to tamper with since they are just a string of numbers with no identifying name attached to them. In stores, scammers take gift cards off the racks, copy down the gift card numbers and PIN numbers, then replace the gift cards back on the racks. Once they have stolen all the gift card data, the thieves check the gift card balances online or by phone. Once they discover that the gift card was activated, they spend the balance online and steal your money that you intended to gift to someone. When buying a gift card, always check that the gift card was not tampered with and that the protection coating over the PIN number is not scratched off. Also, avoid buying discounted gift cards at online auction sites since those gift cards are probably stolen or fraudulent.

Also, beware of smishing where scammers send you fake SMS texts to try to trick you to claim a desirable prize. Don’t be fooled by texts, emails, or phone calls that you’ve won a gift card in a high dollar amount from a big name store like Best Buy or Walmart. Often, these scams are after your personal information and require you to send money to claim your prize or to divulge your credit card number to remove you from their contact list.

Whether you are shopping for that perfect gift for your beloved or selling products to holiday shoppers, stay vigilant about scammers and never let your guard down online when it comes down to where your money and personal information goes. Be skeptical of everything that sounds too good to be true like free iPad deals or 80% off your entire order. It’s your money and your identity so be especially paranoid about cyber security while shopping online, especially during the holiday shopping season.