This story is part of with tips on the best ways to manage the holiday season.
Today, Thanksgiving, enjoy enjoying family, friends and food (or at least manage them – here is our. Black Friday is about shopping tomorrow. But while looking at scammers look for ways to steal your money, or worse, your identity.
Consumers spend an estimated $ 29 billion online Thanks to all that money, cyber criminals will be busier than ever to use malware to target you and the online retailers you trust in. Some hackers, such as those who hit Macy last month, attack vendor websites However, many more scams are designed to lure you away from legitimate sellers and lead you to malicious sites or apps that are often known retailers such as Amazon, Best Buy or W almart cheat.
Research from, for example, RiskIQ, a security company, said it has nearly 1,000 malicious apps with vacation-related terms and more than 6,000 apps with names and slogans from popular retailers to bring in unsuspecting victims. RiskIQ also said it has found 65 malicious websites that act as popular retailers in an effort to fool you into providing your personal information.
As always, your best armor against these schedules, scams, fraud and drawbacks is the knowledge you need to sniff them out. Here is everything you need to know about (not being) duped during these holidays.
A recent survey by cyber security company McAfee reports that 41% of Americans fell victim to email phishing schemes in 2019. It is not surprising that a similar number – 39% – reported sending email senders or websites from do not check retailers for authenticity.
To top it all off, 30% of respondents reported losses of $ 500 or more in the past year alone.
If the RiskIQ data is any indication, expect an increase in messages that claim to have come from Amazon, Best Buy, Walmart, Target or other major retailers in the coming months. If you receive an email asking you to update your payment method or request other personal information, contact the company's help desk to verify that the email is legitimate before doing anything else.
Other ways to identify a phishing email, according to the Federal Trade Commission and StaySafeOnline.org, include:
- The sender's email address looks almost looks good, but contains extra characters or spelling errors.
- Wrong spelling and / or bad grammar in the subject line or somewhere in the message.
- Address with generic terms ("Mr." or "Madam" or "Dear Customer") instead of by name.
- The message warns you to take immediate action and asks you to click on a link and enter personal information, in particular payment information.
- The messages promise a refund, coupons or other freebies.
Credit card skimming goes completely digital
Credit card skimmers who steal your personal data when you swipe a credit or debit card at the ATM gas pump, or other payment kiosk have existed for more than ten years, but October attack Macy & # 39; s is an example of the same technology that is used digitally.
In essence, instead of using physical hardware to steal payment card numbers, hackers placed malicious code directly on Macy's website to do the same with online payment information.
Regarding online skimming of credit cards, Tim Mackey, the main security strategist for Synopsis, warns a digital security company: "There is no obvious way for the average person to identify if and when a website is compromised. The only potential signal may be that the website itself does not look quite right. "http://www.cnet.com/"
Mackey suggests some strategies that consumers can use to protect themselves:  Do not store your credit card details on store sites
Avoid the & # 39; Secret Sister & # 39; gift exchange ing – it's a pyramid scheme
Coming to Facebook somewhere around 2015, this gift exchange between strangers on the internet responds to the popular workplace practice of "Secret Santa", a game where each person presents a gift for another, random selected person purchases without anyone sharing his fifteen. Instead, it is a pyramid scheme dressed in holiday clothing, according to the Better Business Bureau. The "Secret Sister" exchange invitation promises that you will receive approximately $ 360 in gifts after buying and sending a $ 10 gift for someone else.
Unfortunately, such bad mathematics has not prevented this scam from reappearing year after year. You will probably not only earn $ 10 if you do not receive any gifts, but the program also involves passing on personal information (names, e-mail addresses, telephone numbers) to people you have never met in person.
The Better Business Bureau recommends handling any request to become a secret sister by ignoring it – do not give your personal information to strangers online. You can also report the invitation on Facebook or on whatever social network you have been approached.
& # 39; Juice Jacking & # 39; fears can be exaggerated
The office of the public prosecutor in Los Angeles County published a blog post earlier this month advising citizens not to use USB charging ports in public places such as airports and shopping malls, warning hackers could install "juice-jacking" "software that downloads malicious code on connected phones and tablets and gives thieves access to your personal information.
Although that is theoretically possible, as the urban-myth-busting website Snopes.com states in a recent post, the chance that this actually happens to you is incredibly small.
When TechCrunch contacted the LA County DA to ask how widespread the problem is, the Chief Public Prosecutor could not find real cases of & # 39; juice-jacking & # 39; confirm in the books. One reason could be that most smartphones and tablets that are currently in use now have software to prevent exactly these types of attacks – therefore your phone asks if you trust the connection when you connect it to a laptop or desktop to work on load.
As long as shopping still exists, scammers and thieves will try to oust you. In the meantime, the best thing you can do is to stay ahead of their deception and protect yourself with knowledge. View our Holiday Survival Guide for more strategies to endure this fun but stressful season. We've gathered the best tips and tricks for de-stressing after marathon shopping sessions, how you can use your smart assistant to manage vacation gatherings, whether you're using Google Home or Amazon & Alexa, and how to eat healthy without dessert to skip.
Originally published earlier this month.