One way that scammers lure shoppers into handing over credit-card information is by advertising super-low prices. If a promotion seems too good to be true, it probably is.
With more people buying gifts online over the holidays, the potential for fraud is high.
“Scammers know people are looking for good deals and trying to fulfill their holiday wish lists, often without a lot of time,” said Michael Kaiser, executive director of the National Cyber Security Alliance.
If you will be among the many surfing for deals this season, consider these steps for keeping your transactions and personal info safe.
• Beware the $20 iPad. Be cautious if you stumble upon a website or get an email with an eye-popping sale.
Most Read Business Stories
- Kirkland consultant questioned for six hours in criminal probe of Boeing 737 MAX crashes
- As Seattle's new hotels roll out automation to serve guests, workers worry
- Walmart charts new course by steering workers to high-quality imaging centers
- Deutsche Bank staff saw suspicious activity in Trump and Kushner accounts
- Blue Apron latest to suffer in tough meal kit market
One way that scammers lure shoppers into handing over credit-card information is by advertising super-low prices. If a promotion seems too good to be true — say, a new iPad for about the same cost as a box of Legos — it probably is.
“If most retailers are selling a product within a certain range (of prices) and then one site is significantly less, that should be a clue,” Kaiser said.
• Look for the lock. Experts suggest using a credit card instead of a debit card when shopping online. With a credit card, you are protected if your account number is stolen or if a purchase turns out to be not as advertised (or nonexistent).
Before entering your card number, though, check that the website will encrypt your information. Encryption ensures that only authorized parties (you and the store) can see your personal details.
You can tell that a site is encrypted if the letters “https” or a lock icon appear along with the website’s URL. If you see a lock but it has a warning symbol, such as a question mark or red line through it, that suggests the website is only partially encrypted. Abandon cart.
• Use third-party payments. Information has been stolen from millions of people because of database breaches at retailers. So it’s understandable if you’re not comfortable using even a credit card online.
As an alternative, Shaun Murphy, chief executive of PrivateGiant, which is developing an app for encrypted messaging and file sharing, recommends using third-party payment tools, such as Amazon Payments, Apple Pay or PayPal.
By using these services, your credit-card and billing information lives in only one database, rather than at multiple stores.
“The retailer doesn’t get your credit-card information, and your data is stored with a trusted third party,” Murphy said.
• Check reviews. That unique gift for Aunt Sue may lead you to shop at an unfamiliar website or vendor.
In such cases, it is an especially good idea to use PayPal or other third-party payment services. And before you click “buy,” read reviews about the seller or look for ratings based on feedback from multiple shoppers, not just one or two.
“This is where community policing and voting come in handy,” said Bruce Snell, cybersecurity and privacy director at Intel Security.
• Sign up for alerts. Finally, if someone does manage to nab your credit-card info, make sure you know about it quickly. At many banks and credit unions, you can sign up to receive texts or emails any time your card is used.
Along the same lines, it’s a good idea to check your bank and credit-card accounts regularly this shopping season and look for purchases you don’t recognize.
Said Snell, “During the holidays, you want surprises to be good.”