Scammers love impersonating the Internal Revenue Service, the FBI and Social Security. Why not add holiday shoppers to the list, too?
Oddly enough, retailers are being warned that sophisticated scammers could target online deals in highly automated schemes that use fraudulent accounts created with stolen data and fictitious identities.
The goal would be to scoop up door-buster deals or special coupons and deplete the inventories of hot merchandise for the holidays, according to Shannon Wu-Lebron, senior director of retail for TransUnion’s diversified markets group.
Then once the fraudsters use fake credit cards or hijacked accounts to order the stuff at bargain prices, they’re going to turn around to sell the popular toys, TVs or other deals on online marketplaces and elsewhere at inflated prices to consumers.
’Tis the holiday shopping season, which is a peak time for fraud.
“Black Friday and Cyber Monday are two of the biggest shopping days of the year for retailers,” Wu-Lebron said.
But she said it’s also a challenging time from a fraud perspective, given the high volume of online transactions and promotions.
“Fraudsters can dilute the value of deals and promotions for consumers while causing financial harm to retailers,” she said.
About 75% of shoppers plan to do half or more of their holiday shopping online, according to TransUnion’s 2019 Holiday Retail Fraud Survey, released on Nov. 19. Of that group, 46% worry about becoming a victim of fraud.
The survey of 2,593 American adults took place in October.
We’re looking at a holiday shopping season that’s six days shorter than last year.
If you’re worried about fraud, as many consumers are, here are tips to stay safe:
Beware of pitches for hot toys you can’t find
The Better Business Bureau warns that scammers might send you a text message out of the blue promoting very low prices on hard-to-find gifts. But there can be hidden charges or monthly fees or even outright fraud where someone is phishing for your personal information or credit card number.
Cyber criminals like to use big events to send emails containing malicious links or attachments, according to holiday shopping alert from the Cybersecurity and Infrastructure Security Agency.
React fast if your password doesn’t work
It’s more common than you might think for fraudsters to attempt to take over your existing credit card account in order to steal loyalty points or rewards built up on the card or make unauthorized purchases.
The fraudsters would use stolen information, perhaps from a data breach, that’s now available on the Dark Web.
If you’ve been a victim, you might spot a sign of trouble if your regular password won’t work and you’ve not changed the password. Or you might spot charges on monthly statements you didn’t authorize.
Experts say you do not want to use the same password on every site.
Take the extra steps for ID verification
Increasingly, it’s important for retailers and e-commerce sites to identify new fraud patterns as they emerge. Retailers and others now need to determine if fraudsters are using a smartphone or laptop that doesn’t match the device used in the past by a legitimate consumer, according Geoff Miller, head of global fraud and identity solutions at TransUnion.
“Moving to a digital word has allowed fraudsters to be more advanced and technically savvy,” Miller said.
About 57% of consumers surveyed said they were likely to go through the extra steps of verification to complete a purchase even if a company suspended their order due to concerns of possible fraud, according to TransUnion’s 2019 Holiday Retail Fraud Survey.
Examine that gift card before you buy it
Con artists are making millions of dollars going to major retailers to engage in a variety of gift card scams. So shoppers need to take extra precautions when buying gift cards.
“Look for gift cards that are either near, at or behind the register, or those that need to be loaded with funds before they’re usable,” according to Brian Krebs, who writes a blog called “Krebs On Security” and author of a bestseller called “Spam Nation.”
He noted that most retailers and restaurants that sell gift cards also allow you to order those cards via their websites — which might be a smarter option to avoid some types of fraud.
Con artists have engineered a way to steal information and tamper with gift cards inside the store before you buy the gift card. As a result, you must take time to examine the decal covering a PIN to make sure the PIN isn’t visible.
Remember when it comes to decals, though, “thieves can easily scratch those off and then replace the material with identical or similar decals that are sold very cheaply by the roll online,” according to KrebsOnSecurity.com.
It’s part of an elaborate scheme where crooks can gather enough information off a gift card on the rack, go online to monitor the gift card account’s activity at the retailer’s online portal and then strike once the cards are paid for and activated at the checkout register.
“Once a card is activated, thieves can encode that card’s data onto any card with a magnetic stripe and use that counterfeit to purchase merchandise at the retailer. The stolen goods typically are then sold online or on the street,” according to KrebsOnSecurity.
Don’t fall for a text from the bank
The holiday rush puts everyone on edge about their money — and scammers know it.
Now, the con artists are texting consumers pretending to be their bank regarding a need to reset your password because of a fraudulent charge of some sort. Don’t do it. The scammers want to download malicious software onto your device to retrieve information. Or they want you to call someone and give them bank account information.
“You may think, how do they know which bank I use?” said Melanie Duquesnel, president and CEO of the Better Business Bureau serving eastern Michigan and the Upper Peninsula.
“Hackers can easily view past web traffic and easily identify which bank you use.”
After all, it’s as simple as someone hacking into your computer and looking at browser information. Scammers also now hack smartphones as well and can potentially view your apps.
If you’re worried that there may be an issue with your account, call your bank directly using a number found on your statement. Ignore any prompts to text “stop” or “no” as well, because that’s a common ploy for scammers who want to confirm that they have an active number.
Watch out for fake shipping invoices from Amazon or DHL where scammers take advantage of the rushed nature of the shopping season to get you to click on a link.
Be aware of e-skimming
Scammers are able to gain access to e-commerce sites in order to steal your credit card number as you make purchases online.
The Federal Bureau of Investigation warns: “E-skimming occurs when an attacker injects malicious code onto a website to capture credit or debit card data or personally identifiable information.”
Small and medium-sized businesses, as well as government agencies, that take credit card payments online may be vulnerable.
Be wary of attachments in any email that you receive. Don’t click on pop up ads. Use a credit card instead of a debit card online, for more consumer protection.