Online fraud attempts rose 22 percent between Thanksgiving and New Year’s Eve last year. Between Thanksgiving and Cyber Monday alone, malware infections jumped 123 percent, per reports from Enigma Software Group’s anti-malware SpyHunter software.
Here are some of the seasonal scams the BBB is warning consumers to watch out for, and how to fraud-proof your holiday shopping plans.
Shopping red flags
Don’t get so caught up in the Black Friday frenzy that you miss warning signs that a deal is too good to be true. So-called “online purchase scams” — which include fake web sites, among other woes — were the BBB’s top-reported scam in 2017.
Don’t click on emailed links without scrutinizing the source of that sale mail. You could end up at a look-alike site out to collect your credit card details and other info. At checkout, make sure the browser shows a lock symbol and a web address starting with an “https” (versus “http”), meaning it’s secure.
Fake shipping notifications
This scam shows up as an email purportedly from a big retailer (one that you may or may not have ordered from) or from a shipper such as UPS or FedEx. Usually, it’s a vague warning of a shipping delay or some other problem to entice you to click on a link and get more information.
But doing so could trigger a malware download. Instead, go to the retailer or shipper’s site directly, and look up your order status using details such as an order confirmation or tracking number.
Santa letter phishing
Want your child to receive a letter from Santa? Be careful about the company you pick and what kind of personal details you give out. The big risk here isn’t that your child won’t hear from Santa, but that you’re providing key details to a phisher who will use it to
perpetuate other fraud or identity theft
Check for reviews and a good BBB rating before you order a Santa letter and think twice before providing details such as your child’s full birth date.
Roughly 40 percent of all charitable donations are made in the last few weeks of the year. Scams pop up in the form of donation solicitations via email, social media and text.
Before you give, check into the charity to make sure it’s legit. Give directly via a channel you know is correct — say, the nonprofit’s website — to thwart attempts where the charity is real but the donation request is a phishing attempt.