Between high inflation, the threat of a global recession and ongoing supply chain issues, the holidays are starting earlier than usual. Amazon.com is having an early-October pre-Black Friday event they’re calling a “Prime Day Early Access sale.” And while we may not be hearing Christmas carols in the aisles of stores yet, Home Depot is already pushing Christmas-themed decorations in their lawn and garden sections..
An early start to the holidays means an early start to the scams targeting shoppers and retailers alike. Here are seven tips to keep your finances safe during the holiday season.
- Avoid deals that are too good to be true: Although many retailers and e-commerce sites typically offer discounts during holiday sales, be skeptical of shockingly low prices. In economically turbulent times, no one sitting on a pile of Nintendo Switches is going to try to offload them at half price. If a deal looks too good to be true, it is.
- Spot fake e-commerce site like a cybersecurity pro: It’s easy for scammers to create e-commerce sites or clone existing ones. You may end up buying a cheap knock-off of whatever you were shopping for, or unwittingly supply a thief with your login or credit card information. Double check the domain name of the sites you visit (Amazoon.co, Googlle.com etc), and comparison shop at reputable online marketplace vendors (eBay, Etsy, Amazon Marketplace, among others).
- Don’t use public WiFi: Looking for price comparisons while shopping for gifts is smart, but using public WiFi isn’t; your session can be intercepted by a man-in-the-middle attack. If you’re going to use public WiFi, use a trusted and well-reviewed VPN to make sure your data is protected in transit.
- Don’t click delivery notification links: Expecting multiple deliveries at your doorstep creates an ideal environment for SMiShing attacks (phishing through text messages). If you’re looking for the status of a package, go to the website of the delivery service rather than clicking a link on your phone; it could be a phishing link meant to download malware or steal your data.
- Don’t reuse your “easy” password when checking out at a new site: Most of us have a go-to password that we can easily remember that we use across multiple sites. None of us should. By reusing the same passwords across multiple sites, you’re effectively providing cybercriminals with a skeleton key to the accounts where you’ve used it, and potentially your payment information. Consider investing in a password manager rather than using a weak or compromised password. While you’re at it, check your “go-to” password on HaveIBeenPwned.com and check to see how many of your accounts have been compromised.
- Look for the padlock: SSL-encrypted websites have become the norm online, but not everyone uses this technology. Any website URL that doesn’t have a padlock next to it means your credit card number, personal data and login credentials can be intercepted by a third party.
- Monitor your accounts: Scammers may try to charge phony transactions during the holiday season. Check your bank and credit accounts daily to make sure you recognize all the charges, and if you discover that someone is siphoning funds, report it right away and file a police report.
- Use a credit card: Credit cards often offer more protection against fraudulent charges than debit cards. Recovering money stolen from a bank account can be an involved process. When your debit card is compromised, your money is on the line. If your credit card is compromised, it’s the credit card company’s money.
- Set up transaction alerts on all your credit card accounts to automatically contact you the moment a suspicious charge is billed to you.
The holidays are starting early this year because retailers are concerned about the effect of inflation on sales they count on to make ends meet, but scammers go where the money is, and they don’t care if you can’t make ends meet. As ever, you are your best defense against the many ways threat actors target consumers during the holiday season.