Don’t Get Grinched by Cybercrime During the Holiday Season | The New York Times
Avoid Scams This Holiday Season | U.S. Immigration and Customs Enforcement
With exactly two weeks left in the holiday season, online sales—which, according to comScore, surpassed $3 billion on Cyber Monday, making it the largest online spending day in history—are expected to bring in at least $1 billion a day for online retailers from now until the holidays are over.
But as millions of consumers flock to the Internet as their preferred, convenient “one-stop-shop” for all gift-buying needs, hackers and cyber criminals are not too far behind, as they aim to take advantage of the holiday rush by preying on the naiveté of shoppers looking to score a holiday deal. As a result, consumers should be prepared for an even higher risk of online fraud across all channels than in past years. In fact, one in 86 transactions may be fraudulent, according to new data from ACI Worldwide, and hackers are also targeting retailers with a new wave of malware intended to steal credit card and debit card information directly from payment terminals at the stores.
The recent push by banks to implement security chip-enabled credit cards and by merchants to install chip-reading terminals in stores may prevent hackers from creating counterfeit credit cards, but they are no defense against fraudulent “card not present” transactions, such as those that occur online.
While security experts are still working to find possible solutions against the latest malware and scam techniques, here are some tips on how to protect yourself from online Grinches this holiday season:
- Buy only from reputable merchants and websites, and be wary of emails and pop-up messages asking for your password, credit card number, or personal information—No established business would ask consumers to disclose such information via email or pop-up. Do not reply or click on the links in these messages as they may take you to copycat malicious websites. Instead, look at the specific email address and domain name of the sites first to make sure it’s really from the retailer and not a close derivative, and then contact the legitimate organization directly to verify the request.
- Use strong passwords and use a different one for each online account—Create long, complex passwords using upper and lower-case letters, special characters and numbers. A password with at least 10 characters is generally recommended. Various password management programs (1Password, KeePass, or LastPass) exist to help you manage your various passwords so that you are not overwhelmed. These programs are safe and secure, and they can generate hard-to-crack passwords for you.
- Be skeptical of deals that sound too good to be true—Do not fall for rock bottom bargains unless you make certain they are legitimate by contacting the merchant and asking questions before making a purchase. If a deal seems too good to be true, it probably is.
- Do not send cash or wire money for payment—Pay with a credit card or, even better, gift/charge card. The best option is to keep a separate credit card for online purchases.
- Check your credit card activity daily and keep an eye out for “microcharges”—Hackers often test cards to see if they are valid by charging small amounts of $1 or $2. If those cards are found to be valid, they can then sell them to other crooks for a premium. If you notice any unauthorized charges, immediately contact your bank.
- Be alert for potential charity donation scams—Think before clicking on emails requesting donations. Make a contribution by navigating to the trusted web address of the charity, never through a link in an email.
- Secure your computer and mobile devices—Keep your anti-virus and anti-spyware software up to date, along with your firewall. They will help monitor all online activities and protect your computer from viruses, worms, Trojan horses, and other types of malicious programs.
- Don’t use public Wi-Fi for personal banking or online shopping—Personal information should never be sent through unsecured wireless connections in public places. Get you Starbucks Peppermint Mocha and don’t stay for the free Internet!
- Use your smartphone wisely—Mobile devices offer convenient consumer resources but may also provide cyber criminals with your personal and account information.
Follow Francesca on Twitter @Francesca_cyber.