The holidays are upon us and you’ve likely made a list of gifts to buy for family and friends. Whether you frequent your favorite stores or escape the crowds by shopping online, scammers are on the lookout for unsuspecting customers. In today’s world, protecting yourself from cyber theft is more important than ever.
Continue Reading Below
“There’s an increase in fraudulent activity during the holidays because there’s more opportunity for thieves,” says Tim Francis, enterprise cyber lead for Travelers.
More holidays shoppers are expected to shop online, with online shopping projected to generate $89 million in November and December, a 13% increase from 2013, according to Forrester Research. “The ease of online purchasing creates risks for shoppers who unknowingly may be targets of cyber scammers taking advantage of the busy holiday season,” says Victor Diaz, executive director at USAA.
Being careful with your wallet and purse at all times is a good first step. Experts suggest tips for how you can protect against fraud and identity theft, whether you shop online or off.
Use a credit card instead of your debit card
“Where possible, use a credit card as opposed to a debit card — you’ll have better opportunity as a consumer to back those charges out,” says Francis.
Continue Reading Below
Both credit and debit cards have similar protections with almost no liability for fraudulent charges, but credit card companies deal directly with merchants rather than you and your bank.
“When you use a debit card, the money comes directly out of your account like an ATM withdrawal,” says Francis. “When it’s credit, the credit card company is fronting that — you haven’t paid for the items and can negotiate with the credit card company rather than having to ask the bank to put the money back in your account.”
Use different logins and passwords
Experts caution against using the same authentication information on different websites. “In the event where you get compromised, someone can do a lot of damage if they get a hold of this information and you use the same usernames and passwords for everything,” says Francis.
Shop at known merchants
Criminals sometimes create false websites that advertise the latest and greatest toy to gather information from unsuspecting shoppers, says Chris Mark, PCI national practice lead at AT&T Security Consulting.
These websites may not represent legitimate stores and sometimes offer items for prices that may seem too good to be true. Once you enter your credit card information, the person behind that site has your information.
Diaz suggests typing in the URL for the website. “If you just click on a link for a popular store, that site may not take you to actual store — it might take you to a site in a foreign country,” he says. “You need to be extra careful because the fake site might look very similar to the real site.”
For an added security measure, experts suggest typing in the URL with “https” instead of “http” — the “s” represents a secure connection, designated by a lock icon in the URL, and that your data is encrypted. “If someone grabs that traffic, they can’t read your data,” says Mark.
Block Pop Ups
Read the message before clicking “OK” to pop ups. “These pop-ups or even banner ads are especially dangerous and could trigger your computer to download a nasty virus or spyware,” says Diaz. On a mobile device, clicking “OK” could give someone permission to use your device to send text messages to a recipient that charges or to make international calls — either way, you’re stuck with the bill.
Don’t use unknown Wi-Fi hotspots
“Your mobile device is often designed to automatically connect to Wi-Fi hotspots — criminals will go out and set up access points with the same name,” says Mark. When using an unknown Wi-Fi hotspot, your credit card numbers, usernames and passwords, or other personal information may pass through a rogue device.
To protect yourself, experts suggest turning off automatic connectivity on your phone and when in doubt about a free Wi-Fi hotspot, using your data connection, like 3G, 4G or LTE.
Sign up for account alerts
“Most banks and credit cards have free security alerts that can be activated by customers online and received via email or text message,” says Amanda Landers, spokesperson for Capital One. These alerts can be customized to help you quickly identify any unusual activity, like purchases above a certain amount or changes to your account balance, as well as changes to personal information or login credentials.
Experts suggest contacting your bank immediately if you see any suspicious activity from a security alert or on your statements.
Monitor your credit report
“Keep tabs on activity that impacts your credit report and ensure it’s accurate,” says Landers. When you review your credit report, look for unusual or inaccurate information like address changes or new accounts that you didn’t open.
If you believe your identity has been compromised, experts suggest asking the credit reporting agencies to put a lock on your credit report. “If somebody were to try to get a line of credit, they would have to go through a bunch of steps to verify it was you,” says Mark.
Compile creditor information
“Keep a list of all creditor information including contact information, account numbers, expiration dates and any other relevant information,” says Landers. If you’ve lost your wallet or misplaced a credit card, you can reference this list to know which companies you need to call. Store this information in a place that’s secure and easily accessible, like as an encrypted document on your home computer that has firewall and secure wireless.
Have a security password on your phone.
With mobile wallets and apps that can access your bank and credit card accounts, experts recommend having a password on your phone that locks out within five or ten minutes. “If you’re phone itself isn’t secure, you’ve now let people have access to all your information and to the app that will allow someone to make a transaction,” says Francis.