Holiday Shopping Fraud 2020

November 14, 2020

Online shopping fraud has shot up by 30% in 2020, with increased spending during COVID-19 lockdowns likely being the leading cause. holiday image

What should you look out for while shopping this holiday season? Review these security issues and how to avoid them to help protect yourself from identity theft and other malicious activity while shopping online during the holiday season and throughout the year. 

Fraudulent Sites and Email Messages 

Unlike traditional shopping, where you know that a store is actually the store it claims to be, attackers can create malicious websites or email messages that appear to be legitimate. Attackers may also misrepresent themselves as charities, especially after natural disasters (such as the CZU fire) or during holiday seasons. Attackers create these malicious sites and email messages to try to convince you to supply personal and financial information.

HOW TO AVOID

Do business with reputable vendors

  • Before providing any personal or financial information, make sure that you are interacting with a reputable, established vendor. Locate and note phone numbers and physical addresses of vendors in case there is a problem with your transaction or your bill.
Be wary of emails requesting information
  • Attackers may attempt to gather information by sending emails requesting that you confirm purchase or account information. Legitimate businesses will not solicit this type of information through email. Do not provide sensitive information through email.

Insecure Transactions

If a vendor does not use encryption, an attacker may be able to intercept your information as it is transmitted.

HOW TO AVOID

Make sure your information is being encrypted

  • Use sites that encrypt your data. Indications that your information will be encrypted include a URL that begins with "https:" instead of "http:" and a padlock icon. If the padlock is closed, the information is encrypted. The location of the icon varies by browser; for example, it may be to the right of the address bar or at the bottom of the window. Some attackers try to trick users by adding a fake padlock icon, so make sure that the icon is in the appropriate location for your browser.

Use a credit card

  • There are laws to limit your liability for fraudulent credit card charges, but you may not have the same level of protection for your debit cards. Additionally, debit cards draw money directly from bank accounts, unauthorized charges could leave you with insufficient funds to pay other bills. You can minimize potential damage by using a single, low-limit credit card to make all of your online purchases. Also, use a credit card when using a payment gateway such as PayPal, Google Wallet, or Apple Pay.

Vulnerable Computers

If you do not take steps to protect your computer from viruses or other malicious code, an attacker may be able to gain access to your computer and all of the information on it.

HOW TO AVOID 

Check Computer’s Security

  • You will want to install all critical and security-related updates as soon as possible. UC’s Minimum Security Standards ensure that computers connected to the campus network are protected from any potential threats. Be vigilant when using a shared computer, others who use the device could accidentally infect it with malware.

Follow @ucscITS on Twitter for other holiday cybersecurity tips and to participate in our Holiday giveaway to win a $25 Amazon Gift Card.

Happy shopping, and stay safe!