5 Tips: Keep Your Holiday Shopping Safe and Secure

5 Tips to keep your holiday shopping safe and secure

It’s that time of year again—and as usual, there are far too many scammers out there trying to take a bite out of your holiday cheer.  These expert tips will help you reduce the risk:

1. Be skeptical of social media ads.  If a Facebook friend shares an advertisement touting a great price on a sought-after item, such as a video game, do your research before buying—indeed, before so much as clicking the link.  Your friend may have fallen prey to con artists who trick users into these posts, often without their knowledge.  In fact …

2. Don’t be greedy where price is concerned.   You’ve heard it a thousand times, but it bears repeating: If it seems too good to be true, it probably isn’t.  Be wary of “retailers” you never heard of offering items far below market price.  At best, you’ll never receive the item you ordered; at worst, you may become a victim of identity fraud.

3. Look for the extra “s.”  By now, the vast majority of websites begin with “https,” not merely “http.”  While not flawless, that extra little “s” adds major security to your transaction—make sure it’s there!

4. Never transfer funds.  Scammers often demand payment via wire transfer.  This is a giant, waving red flag—if you’re buying goods and such a request is made, run away immediately.

5. Credit is better than debit.  Credit cards offer many consumer protections that debit cards do not; refunds are easier to obtain, and your credit-card provider will be your ally if problems do occur.


Here’s a new “skimming” risk to worry about—this crime isn’t just for gas stations and ATMs anymore.  Experts are warning that hackers are watching our online shopping carts, too, in order to steal our credit card and debit card information. 

1. What it is.  E-skimming occurs when you shop online at a legitimate business’s website.  Criminals skim your personal data during the transaction; the sale goes through as it should, but in the process your name, credit-card information, and more is also directed to the crooks.

2. How it happens.  Typically, the scammers exploit weak links in a company's e-commerce platform.  In many cases, consumers are redirected to a malicious domain where the skimming code captures their information from the checkout page.  Your data is captured in real time and sent to a remote server, where it’s collected by the bad guys.

3. What happens to my personal information?  Your credit card data is either sold on the Dark Web or used to make fraudulent purchases.  If it does find its way to the Dark Web, experts say it’s acquired by other criminals to create counterfeit cards, launch phishing attacks, and commit other types of fraud.

4. What’s new and different about these attacks?  For starters, e-skimming is virtually impossible to spot as it happens.  That’s because unlike ATM and gas-pump skimmers, e-skimming involves no hardware for savvy consumers to see.  The other major problem is that because the data is collected in real-time, the credit cards are far more likely to be active when the crooks use them.

5. How can I reduce my risk?  Use credit, not debit, when shopping online.  And believe it or not, many experts prefer that you allow e-retailers to store your card numbers—that way, you won’t have to enter them in forms each time you check out, and that’s where e-skimming occurs.