Practice diligence while shopping online

During this time of year, cybercriminals and scammers like to get into the celebration spirit by increasing the quantity and sophistication of their scams to exploit victims for their own financial gains.
Cybercriminals and scammers often take advantage of the giving nature of people, especially during holidays and festivals. They leverage social engineering and other techniques to prey on their victim's emotions and feelings of goodwill during the season to attempt to steal money and personal information. They also attempt to hide their attacks in the flurry of shopping and other activities hoping that their actions will go unnoticed.
Here are a few of the common scams to be on the lookout for.
Look-alike websites: As you do your online shopping, be sure the sites that you visit are legitimate. Watch out for URLs that use names of well-known brands along with extra words and characters. Look for "https" and a lock symbol in the web address to indicate that a site is using security. Look for misspelled words, requests for your personal information, and prices that seem especially low - especially for popular yet hard to find items. Chances are, those deals probably are too good to be true.
Fake shipping notifications: If you receive an e-mail notification that "your package has shipped," and you suspect that the notification is fake (i.e. you aren't expecting a package), exercise extra caution. Be suspicious of invoices for things you didn't order, especially if the price seems especially high. Certainly don't click on the e-mail on any attachments or embedded links because they could download malware onto your computer in an attempt to steal your personal information.
E-cards: We all enjoy greeting cards, even e-cards. But if you do receive one, beware of two red flags - the sender's name is not clearly visible, or you are required to share personal information to get the card. Chances are, it's a scam.
Emergency scams: If you get a call or e-mail claiming a family member or friend has been arrested, has been in an accident, or was hospitalized while traveling, never send money unless you can confirm the incident. Contact them or others that know them directly, and use traditional methods for sharing funds directly with the individual.
Phony charities: People are usually in the giving spirit during the festivals, and scammers take advantage of that with fake charity e-mails, social media pages, and even text messages. Make sure to verify that the charity is legitimate before contributing to it, and that any links provided are legitimate. Often, the best option is to go directly to the charity's website to make a donation rather than using any links embedded in an e-mail or website.
Unusual forms of payment: Be wary of anyone asking you to pay for purchases using prepaid debit cards, wire transfers, third parties, etc. These payments often cannot be traced or undone if they are fraudulent transactions. Instead, shop with legitimate retailers that take traditional forms of payment and that provide things like receipts and a reasonable return policy.
Free gift cards: Pop-up ads or e-mails offering free gift cards may be legit - or, more likely, they are a phishing attempt to get your personal information it can later be sold on the dark web or used for identity theft. Again, if an opportunity sounds too good to be true, then it probably is. Do your due diligence by contacting the organizations or merchants supposedly offering them.
Swiping Safely: Since most credit card companies offer fraud protection on fraudulent transactions, and financial protection if your card is lost, stolen, or misused, consider using your credit card instead of your debit card when making purchases - or even when making any larger purchase. When you need to get cash, it is best to find a bank and use the ATM located inside the building. If that is not an option, carefully inspect the ATM for card skimming devices or anything that looks out of the ordinary before inserting your card into the slot. ATMs are designed for thousands of transactions, so anything that can be wiggled, is the wrong size or color, or otherwise doesn't seem to fit should be a warning sign.
Take Action!
Finally, if you see something, say something. Report suspicious activities to the merchants, banks, charities, and other organizations being misrepresented, as well as to the cybercrime division of your local law enforcement center.
Nothing can spoil the joy of shopping online more than being a victim of a cyber scam or other malicious activities. If you take the time to follow the guidelines posted above, you are likely to have a good online shopping experience you have been anticipating.
- Alain Penel is the regional vice president for the Middle East region at Fortinet. Views expressed are his own and do not reflect the newspaper's policy.