The biggest online shopping days of the year are just around the corner. And with the economy struggling, we're all looking for ways to save big and shop smart this holiday season. But before you jump on those Black Friday and Cyber Monday flash sales, ensure you're protecting your wallet and identity. How? Be on the lookout for common scams, act quickly if your information is compromised, and use a password manager to shop online safely.
Popular scams in 2022
Fraudsters love the holiday shopping season. Credit bureau TransUnion estimated that in 2021 nearly 20% of online shopping transactions between Thanksgiving and Cyber Monday were fraudulent. According to the FBI, Americans lost over $337 million in online shopping fraud last year. So the stakes are high this time of year, and it pays to be vigilant. A few ways cybercriminals may try to trick you this online shopping season include:- Fake online stores where a social media ad leads to a bogus store. They may even impersonate popular brands. When you enter your personal information and payment card, they harvest the data and steal your money, leaving you empty-handed.
- Payment processing scams that require gift cards, wire transfers, or money orders instead of a credit card. Not only is no product delivered, the payment method typically isn't insured, and the victim has no recourse.
- Phishing attacks trick you into clicking a link that lures you to a fake login page, where they harvest your login credentials or other personal information. A fraudster may leverage social engineering to impersonate someone else or appear trustworthy before sending a malicious link.
- Bogus merchandise scams are where the scammer advertises one product but then sends an inferior or fake product.
How to stay aware
A typical scam includes many red flags. If something feels "off," slow down and look around. Here's how you can see if there are warning signs of a scam:- Check the URL and look for slight variations in the domain. It's always best to go directly to a trusted website rather than through an online ad.
- Verify a product and brand using social media, online reviews, comparison shopping, and "about" information for the company. If information is scant, it's probably not legit.
- Compare prices to be sure it's a good deal but not TOO good. If the price point is more than 50% lower than other retailers, proceed with caution.
- Watch for typos and shoddy design, which indicate something rushed and unprofessional. Dedicated retailers take great pains to make their brands look good. Bad grammar, misspelled words, and poor graphics are all typical on fraudulent websites.
- Pay by credit card for better liability protection on purchases and to better protect your checking and savings accounts. Gift cards, wire transfers, or money orders are a no-no.
- Think before you click to ensure you're not downloading malicious apps or files or falling prey to phishing links. Hover over a link to see what the URL or action is before clicking.
What to do if you're a victim
First, don't panic. Attempt to contact a seller if you believe there's an issue with your order. If it becomes clear that you're the victim of a scam, your immediate priority is to contain the damage. Cancel any affected credit cards. Call your bank to report fraudulent transactions and suspend any accounts if needed. If you used a third-party platform to complete the sale, like eBay or Facebook Marketplace, report the issue to them. Also, file a report with the FTC, the FBI's Internet Crime Complaint Center, your state attorney general, and the BBB. If personal information like your social security number was compromised, contact the three major credit bureaus to place a fraud alert on your credit reports or to freeze your credit.Add security with a password manager
Staying alert while online shopping is essential, but remember to put cybersecurity precautions into place before you start hunting for deals. A password manager like LastPass provides a foundation for strong online security. By making it easy to create and store different passwords for every online login, LastPass strengthens your accounts against hackers and fraudsters. In addition, LastPass will only fill in credentials on a URL that is an exact match, preventing phishing scams from capturing login details. LastPass also makes it easy to manage multi-factor authentication (MFA) on many accounts, adding extra layers of security to thwart cybercriminals.