Easy Ways to Avoid Credit Card Fraud & Other Scams During the Holidays
While we often joke about how often we swipe our credit cards, during the holiday season we tend to up the ante. With all of those extra transactions comes a chance for criminals to steal your credit card data or even your identity.
Thankfully, our cyber risk management guide will help you protect yourself all year around. But below you will find some key tips to be especially mindful of during your holiday shopping. Read below for details on each.
Tips For Online Shopping
- Avoid Public Wi-Fi
- Always Use A Secure, Encrypted Website
- Shop At Known Retailers
- Avoid Coupon Clipping Sites
- Use A Single Card For Holiday Shopping
- Close Your Browser When Finished
- Check Your Transaction History & Statements
Tips For Dining & Offline Shopping
- Avoid Debit Cards
- Pay With Cash
Tips While At Home
- Be Suspicious Of Deliveries
- Bring Packages In As Soon As Possible
- Be Suspicious Of Calls
Tips For Online Shopping
Avoid Public Wi-Fi
While it may seem nice to have ‘free wi-fi’ at Starbucks, the W, or your club, know that these are extremely insecure and prone to hacker activity. If able, utilize your cellphone data connection or private hotspot as cellular connections are more secure. If you must use a public wi-fi connect, use a Virtual Private Network (VPN) to encrypt your data. Remember, when shopping online you are releasing your name, address, phone number, and credit card information into the wild.
Always Use A Secure, Encrypted Website
If the retailers Uniform Resource Locator (URL) in your browsers address bar does not begin with HTTPS (notice that you are connected to HTTPS://PrivateRisk.org), you are more susceptible to cyber loss.
Shop At Known Retailers
Yes, HottestChristmasGift.com may be offering that widget for 20% less than Amazon but be mindful that these niche sites are generally insecure at best, making them a target for thieves, or in some instances are malicious in themselves. Save your “support small business” mindset for your local retailers.
Avoid Coupon Clipping Sites
While a large site like eBates is reputable, when you find a 3rd party offering a discount for another retailer’s website, just assume it is fraudulent. Many coupon sites are riddled with phishing scams.
Use A Single Card For Holiday Shopping
Keeping all of your transactions on a single card will greatly minimize the damage if you are compromised. You will only need to file one incident report, suspend one card, and manage one card vendor.
Also, be sure to avoid using your debit card. If compromised, this means the thieves have direct access to your bank account. Once the cash is removed it is much harder to recover.
Close Your Browser When Finished
It may sound like a tip from your parents but be sure to clean up after yourself. For online shopping, that means logging out of your accounts and closing your browser window. Even if on a private computer, this will still clear the cache and help prevent a bad actor from finding a backdoor to your data.
Check Your Transaction History & Statements
It is very easy to look at the holiday season as we tend to do with vacations: “That looks about right. I’ll pay it.” However, charges which do not match the dollar value of your receipts or where there are duplicate charges could mean you have been compromised. A big red flag is if you are getting charges from retailer names you do not recognize.
Tips For Dining & Offline Shopping
Avoid Debit Cards
Leave the debit/ATM cards at home unless you are specifically taking it to get cash from a teller machine. Otherwise, the direct link to your bank account means that the money in jeopardy is yours not your credit institutions.
Pay With Cash
Simple enough. Your credit card data cannot be breached if you do not use it (excluding RFID broadcasting cards, of course). So, if you are taking the family out for a nice meal, keep it simple and leave the card at home. As an added bonus, the waitstaff generally prefers their tips in cash so you can consider it a good deed as well as a best practice.
Tips While At Home
Be Suspicious Of Deliveries
Most notable delivery services are swamped with packages so they will usually just drop a box and leave. Unless you are expecting a delivery for which you have to sign, just ask them to leave the package. Legitimate services will leave a form for your signature and will return the next day to drop the package.
Bring Packages In As Soon As Possible
Aside from the obvious theft of the parcel, a thief will now have a label with your address, a package from a retailer they now know you shop at, a receipt with partial credit data…this is a dream for an identity thief. Through a vishing scam they can likely compromise your full identity.
Be Suspicious Of Calls
The telephone has given rise to a monumental host of scams. The golden rule is to simply hang up and not engage the actor on the other end. Here are a few common ones to avoid-
Calls for Donations
Even if the caller purports to be from a charity which you support, just politely end the call and hang up. If you had intended to support the charity you can always connect directly through their website, your local contact, or in person.
Many times, these calls originate from 3rd party services which keep a large percentage of the money they raise–meaning it does not fund the organization you meant it to. Always go direct to the charity with your generosity.
Calls for Political Contributions
Similarly, you surely have planned your political contributions for the year and do not need to respond to calls. Again, it is always easier to go directly to the campaign. At the very least, use the campaigns chosen contributions platform, such as ActBlue.
Calls Threatening Legal Action
No, you are not going to be notified via phone call, e-mail, or post if the police are coming to lock you up. They will just knock on your door! If anyone asks you to transfer funds, verify your credit card number or social security number in order to avoid legal action, just hang up and let your credit card company know you may have been compromised.
What To Do When Compromised
Even if following all of the rules, the only rule which is ironclad is this- when it comes to cybersecurity and identity theft, there are no 100% guarantees. So what do you do when breached?
Here are the highlights:
- Contact your credit card company and banking institutions to let them know. They will trigger their internal protocols which usually begin with an investigation and issuing new cards to prevent further loss.
- Notify the credit bureaus. If a breach is confirmed, putting a freeze on your credit will help minimize the damage by making it difficult or impossible for a bad actor to open accounts in your name.
- Notify your risk manager. If you planned accordingly, you likely have insurance coverage which will help recover lost funds, begin identity theft monitoring services, and lay out a path to restoration & resolution.
Want More Cybersecurity Tips?
Be sure to read our complete guide to the basics of cyber risk management. If you still have more questions, contact us.