Are you worried about holiday shopping scams? According to data from the Better Business Bureau, you should be.
It’s that time of year again when the holidays arrive in succession, and scammers take note. While you place a cornucopia on your dining room table, fraudsters are developing new ways to steal your hard-earned cash.
Due to the internet, con artists and thieves don’t need to know you personally – they can collect funds through payment options, such as CashApp and PayPal, and credit card information from people half a world away. The holidays give online and offline thieves multiple opportunities to steal, anonymously con others, or phish private information. As you focus on winter decorations and holiday lights, fraud is targeting trusting shoppers, such as you and your loved ones.
Worse, the more we shop online, the more we put ourselves at risk. Although holiday shopping scams are on the rise, learn the cutting edge ways to protect your wallet, data, and (ultimately) your peace of mind!
Why Be Cautious This Season?
You’re not alone in wondering how to shop this holiday season safely online. Every shopper wants to get what they need, securely, without the fraud that they don’t.
Although consumers used to rely on in-person retail shopping, digital stores, and online shopping is now a large portion of the market. Estimates suggest that, globally, there will be 1.92 billion online shoppers in the year 2019.
Unfortunately, many of these individuals will mistakenly risk their financial data by going to fake websites, exposing their passwords, or trusting the wrong sellers. Some research shows that ⅓ of all data breaches involve phishing or fake emails sent from what appears to be.
Even if you aren’t familiar with phishing, your email inbox is. When consumers go to retail stores, they make sure to protect their wallets, shopping bags, and credit card details. However, credit card numbers can still be compromised by an in-store associate.
Meanwhile, now that shopping has gone digital, the number of potential scams and tricks has expanded ten-fold. It is crucial to educate yourself and use the modernized safety measures outlined in our in-depth guide. Learn the warning signs and prevent yourself from being a victim of online theft, shopping scams, and identity fraud.
Holiday Shopping Facts and Statistics
Before you go online to holiday shop, know that 8% of people report being a victim of holiday identity theft, while 43% of identity theft occurs on the web.
Scammers begin ramping up their scams in October, in preparation for holiday shopping. They know that the influx of online purchases gives them plenty of opportunities to scam others, and they’re in it for the money!
This doesn’t mean you’re safe in the early fall months, either. According to the F5 website, from September through October, phishing attacks focus on any top 10 sites.
Both planned and sudden purchases can put you at risk for holiday shopping scams. The commonality between most scams is that the fraudsters involved will steal credit card information or gift card numbers as consumers trusting the wrong website, email in their inbox, or seller.
Scammers are like salespeople and approach as many people as possible by email, phone, text, direct messages, and website scams. Their success is a numbers game, and the more people they reach out to, the better their odds. Scammer success relies on tricking a small percentage of people who don’t recognize that they’re being scammed.
How quickly do scams occur?
As quickly as you download malware, click on a link that redirects you to a phishing site, enter your credit card number, or send the wrong person your information.
Online thieves will find sneaky ways to acquire any of your details, including financial or banking information, gift card numbers, account information, cash, credit card numbers, social security number, driver’s license number, email, and home address, password, health insurance information, and more.
Black Friday Scams
Black Friday is a shopping discount day held on the day after Thanksgiving. Some stores open up at midnight for the day, while others open up first thing in the morning or even in the evening on Thanksgiving.
It is popular enough that adults spend over $90 million annually on the big day. Black Friday is celebrated in brick and mortar stores and also online, though some online retailers hold out for Cyber Monday.
How Black Friday Scams Work
Black Friday scams take many forms. Online Black Friday scammers rely on fraudulent emails that steal your credit card and banking information through phishing websites, keyloggers downloaded with malware, and fake sales sites or sellers.
Other Black Friday scams include the bait and switch method when an expensive item is advertised for a great deal or at a discount, but the buyer arrives at the store only to find another (less expensive) brand promoted in its place. The store may have a limited number of popular brand items available for the advertised Black Friday sale price.
Although the vendor should disclose the number of items they will sell at that price, would-be shoppers may not see the disclaimer. Other times fly by night sellers try and promote products, knowing that shoppers won’t realize they aren’t an established store or don’t have a trustworthy return policy.
Black Friday shoppers also click on links in online advertisements that aren’t sent from the company itself. While you think you’re buying a quality item, you purchase a knockoff item that may lack a warranty or refund.
Another Black Friday scam occurs when you go to buy an item but are required to download an app first.
Warning Signs
The Price is Too Low
If you see a product advertised at a price that is far lower than the competition, be suspicious. It could be that the store only has a few of the item, as explained above, or that you are part of a phishing scam designed to get you to click on the “too good to be true” offer that will redirect you to a website and steal your information, within seconds.
No Disclaimer
If you encounter a Black Friday scam when you are in an actual store, ask to speak to the manager and show them any advertisements you received. If the ads did not specify how many items they will sell at that price, ask the store to honor the discount.
Look at the fine print and check for disclaimers. Call the store’s corporate office, if you are still unsatisfied, and keep your receipt. For online scams of this type, report fraudulent activity to the FTC.
You’ll pay more?
Believe it or not, some sellers know that Black Friday shoppers have money to spend and try and charge more than the suggested price for an item. They hope that a deal you’re wanting will sell out and you’ll come to them, ready to spend!
Impulse Buying
If you originally intended to buy a product from a specific brand of manufacturer, don’t be deterred by flashy advertising for products that look similar. Stick with your intended purchase and do your research about lesser-known brands.
Cyber Monday Scams
Cyber Monday occurs on the Monday after Thanksgiving. It is the day when the most online shopping occurs, but there is also a hotbed of internet scams!
With Cyber Monday sales reaching $7.8 million, more and more cyber-criminals want to get in on the action. To an online criminal who already conducts their dirty dealings online, Cyber Monday is the perfect opportunity for theft and fraud.
How this Scam Works
While real sellers and websites send out mailers and advertisements for Cyber Monday deals, scammers use the day as a cover. They know that online shoppers will be afraid to miss out on special offers. Many online shoppers will end up clicking unknown links and trying to purchase items before a “deal ends”.
If you trust everything that you see in your inbox for Cyber Monday, you might end up on non-secure phishing sites with your information compromised. Another ploy that Cyber Monday retailers use will be similar to Black Friday knockoff item scams.
You’ll believe you’re buying a better brand and getting a great deal until it arrives in the mail. Or, maybe you are given the product and deal you want, but the retailer charges a considerable sum for shipping and handling.
Social media platforms are often used to disperse questionable links or people’s real accounts hacked, and the spammer posts link to items that may or may not be for sale. More often than not, the links will be used for phishing or spread through a bot.
Warning Signs
If the website has a strange URL that is filled with random letters and numbers or additional words, then it is likely for a phishing website. Also, make sure the site is secure and that you use “https://” and not “www.” A social website link may not be safe and could, potentially, reroute you toward malware or being phished.
How to Protect Yourself
Use a credit card instead of a debit card. That way, if your card numbers are hacked or stolen, credit purchases will be refunded more quickly and not impact your bank account balance.
Type known shopping URLs by hand and do not rely on links embedded into emails.
Biggest Holiday Shopping Scams
While Black Friday and Cyber Monday scams are enough to throw shoppers for a loop, other scams are being created all the time. These range from year-round scams to those specific to the holiday season.
Both can cause a ton of trouble and cost you time and money. Criminals are creative about the methods they use, and trends happen yearly.
Amazon Scams
Amazon scams strike both buyers and sellers, and you may not be protected by the website giant unless you follow their terms of use.
Former News Anchor Liz Jeneault Shares Tips to Protect Yourself from Scams This Holiday Season:
“When shopping online, use only trusted sites. If you know you want to buy something off Amazon, be sure to type in Amazon’s website directly. Avoid clicking on ads, as you never know if those are leading you to fake or phishing websites. Also, use a credit card instead of your bank debit card when shopping online.
Why?
Cybersecurity experts will tell you that if your credit card information is compromised, that’s less severe than if someone gets hold of your bank account number. You wouldn’t want someone draining your bank account! Finally, do not auto-save your payment information when checking out (and especially if using someone else’s computer).
Speaking of public computers, be sure to use extra caution with them and always log out of any accounts you log in to. After making any purchase orders online, always keep an eye on your credit card statements. If you notice any odd charges, call the credit card company right away.”
Warning Signs
Buyers might say they didn’t receive a package (when they did) and request a fraudulent refund or replacement product. Meanwhile, many Amazon buyers are plagued by fake sellers who try and reroute them to outside websites.
They do this by dangling “special offers” or a discount, and then steal the buyer’s credit card details, try and get paid by gift cards, or have the buyer “purchase” something they never plan on sending.
Amazon won’t be able to protect you since you didn’t buy the product through them or follow their guidelines/Terms of Service. Phishing emails that appear to be from Amazon, regarding a package or delivery, are frequently sent by scammers and are easy to fall for (since they will look identical to the company’s real mailings).
Gift Card Scams
Gift card scams are incredibly popular. These scams often occur when shoppers view a great deal advertised on a resale site or when a scammer asked to be paid by gift card when posing as a seller. Sellers can also be scammed.
Warning Signs
Perhaps an online seller site deal states that the buyer can purchase two $50 gift cards for half the price, but all the scamming seller does is take your money and give you a blank card or never send you one.
If you’re selling a gift card, a seemingly suspicious buyer may pretend they want to verify the gift card is legitimate with the merchant (via phone). However, the scammer is one step ahead and will write down any numbers or codes you say and deplete the balances, without ever paying you.
Another version of this scam happens when scammers trick hesitant buyers into listening in on a 3-way call. As a buyer, you will think the gift card company is verifying reap gift card balances.
However, the seller is using one of their scammer friends to play the role of a gift card company employee. You pay, and then the thief steals your money!
Online Greeting Card Scams
That excitement you feel when you open up your email inbox or messenger app and find that you’ve been sent a greeting or holiday card? It’s about to fade once you’re scammed.
Warning Signs
Beware of unexpected and unsolicited greeting cards sent to you The greeting card scam will seem as though you are going to receive a gift, but the link you go to will steal your information and/or charge you instead.
Fake Shipping Notice Scams
These emails might look like official Amazon, UPS, Post Office, or FedEx notices and will talk about a shipment delay, confirmation, or tracking.
Warning Signs
Beware of unexpected shipping or tracking notices and review the hyperlinks in any emails. If you try and “track” your package, you’ll regret it, as the email is fake and will download malware onto your device or computer!
Fake Charity Scams
Giving to those in need is more than a tax break; it is also a great way to give back to less fortunate individuals. What you might not expect is to participate in a Christmas charity scam, which is when you provide money to a scammer when you think you’re helping a legitimate charity over the holidays!
Paul Bischoff, Privacy Advocate with Comparitech, offers the following insight:
Fake charities and online storefronts are rampant during the holidays when impulse buying is at its zenith. Scammers set up fake stores and charities, then lure victims through ads and email campaigns. Scammers might pose as well-known merchants by copying their messaging and website design, or they might set up unique sites. The sites are set up to steal credit card information and other valuable information, such as passwords, upon checkout, and no item is delivered.
Warning Signs
Signs of a fake charity might be a request for you to pay over the phone, after an unsolicited phone call. Another charity scam tip-off is payment being requested through gift cards, GoFundMe, CashApp, PayPal, Venmo, Messenger, money wire, etc.
Package Scams
You see a notification that your package has been delivered outside your door, but don’t see it there when you arrive home! One of the reasons people invest in pricey doorway cams is to monitor and protect against stolen packages. Take advantage of an Amazon Locker delivery, if this is an ongoing problem.
Warning Signs
A fake scammer email might look like a notification about your package but will be a scam link. Some sellers intentionally don’t send out packages, hoping to save money and that you’ll never notice. Other times, dishonest neighbors or passersby may see and steal your doorstep packages.
Facebook Ad Scams
Are you interested in something you see in a Facebook ad? Unfortunately, it may have been posted by a scammer who hacked into one of your trusted friend’s accounts.
Other times, ads are posted which link you to an outside website which might require sign-up and sell or steal and share your information. Malware might accompany downloads, or ads might show a great deal that isn’t included on the website you link to.
Blogger Becky Beach has this to say regarding Facebook Ads during the holiday season:
“During the holidays, I have seen several scam stores run ads on Facebook. These stores will have cheap Chinese products for sale at high prices.
Some of the scam stores will never send the customer the product and, instead, sell their information online. I have been the victim of this myself last Christmas and still get unknown calls and spam.
Always be wary when purchasing items from unknown stores that are advertised on Facebook. You can search for the store online to see if there are any reviews available on Trustpilot to be safe.”
Warning Signs
A product recommendation suddenly sent to you by a friend by Messenger or posted on their page. Advertisements that require paid sign up outside of Facebook or offer expensive coaching.
Public WiFi Scams
Perhaps you’re enjoying your peppermint latte from Starbucks and don’t realize you’ve connected to a free hotspot instead of the Starbucks’ WiFi, oops! Scammers love public locations for online scams.
Warning Signs
Do not click on open hot-spots. Scammers try to get you to connect to their hacker connection and use internet savvy tricks to steal your banking information and account information.
Santa Scams
Who wouldn’t want a letter from Santa! That is what spammers rely on to motivate you to fill out personal information for their free Santa letter. That information is then sold or used to spam you!
Warning Signs
Free Santa letters might cost you in the long run. The Better Business Bureau has publicized another Santa scam, where people pay for a Santa letter that may or may not arrive.
Never pay for these types of letters and write your own, if necessary. Other fake links might take, sell, or use any information you share during sign up (including credit information).
Travel Scams
Travel scams will make it seem as though you’ve won a beautiful, luxurious vacation. While that would be nice, if it were true, when it comes to travel scams, a scammer will steal any financial and personal information you provide. They will then sell or use it to open fake credit cards.
Warning Signs
Don’t trust a vacation ad or post, just because it uses a beautiful Hawaii stock photo. If you pay or enter credit information, it will be used to steal from you or sold on the dark web.
Another travel scam is paying for vacations, which aren’t the great deal they claim to be. The FTC suggests that these might include a scammer telling a timeshare owner that they have a buyer “lined up” when they don’t.
E-Skimmers
E-skimming is in the news and a real risk for trusting holiday shoppers. While skimmers have been around a while and are devices that can hack credit card information (for instance, at the gas pump), e-skimmers do the same thing online.
Chelsea Brown, CEO and Founder of Digital Mom Talk has this to say regarding e-skimmers:
This is a type of malware plugin or corrupted code forced into legitimate websites that are designed to capture and track payment, login and account information as customers make legitimate purchases. Individuals should be cautious when entering payments on sites and make sure the sites have been updated to prevent such attacks.
Greg Mahnken, Credit Industry Analyst for Credit Card Insider, provides us with these tips:
The holiday season can be a stressful time financially, even if all goes right. Unfortunately, the chaos of holiday shopping could be even more stressful if you are a victim of credit card fraud from card skimming.
Credit card skimmers are devices that read information off your credit or debit card. The criminal can then make a copy of your card to use for purchases or possibly to withdraw cash.
Credit card skimmers are designed to blend in, and you may not even see one. While they have been placed on the outside of gas pumps and ATM’s, many thieves are now installing these devices internally, where they cannot be seen.
How to avoid becoming a skimming victim:
- At a public point-of-sale, such as a gas pump, cash is the safest option. If you must use a card, the card reader inside is a harder target because it is within arm’s reach of the cashier.
- If you prefer to pay at the pump, look for signs of forced entry or tampering. Is the card reader the same style and color as the pump next to you? Is there security tape over the pump? If the security tape is missing or reads, “VOID,” notify an employee immediately.
- Use a credit card over a debit card.
- If a thief does get your credit card information, they’ll be spending your card issuers’ money until you pay the bill.
- If your debit card is a victim of skimming, the fraudster could be spending cash right out of your checking account.
- Under federal law, credit cards have better fraud protection than debit cards.
Warning Signs
A cyber thief or hacker will insert and edit JavaScript code to make it malicious. This allows cyber-criminals to get a hold of personal and financial information (such as your credit card number!) as you type it. Within minutes your credit card could be entirely depleted by an online scammer.
Form Jacking
Similar to e-skimming, hackers find vulnerable websites and enter their malicious, edited JavaScript code. Once this process is complete, anyone who visits the webpage and enters their information (name, credit card, routing number) will be at risk.
Warning Signs
This might happen when you sign up for a site, service, or product purchase. The data that is hacked is then immediately transferred to a remote server and used for online purchases (of gift cards, etc.).
According to data from Symantec, their company blocks at least 3.7 million form jacking threats in 2018 and 1/3rd of those occurred in November or December.
Costs paid by online scammers for one card can be almost $50, and combined loss is in the millions, for consumers and credit card companies. Don’t fall for one of the 4800 websites monthly, which have been form jacked.
If your credit card is suddenly maxed out, call the company and request a credit freeze.
Fake Online Stores
We can almost guarantee that you will encounter a fake online store this holiday shopping season. The BBB has said that 1 in 4 people has bought something online, which turned out to be counterfeit. Online stores typically promote products that they know are best sellers.
Warning Signs
These fake online stores might seem to sell products from Apple, Samsung, or other electronics. After entering your information, you may notice there is no shipping information provided, that your credit card number stolen, that you’re a victim of identity theft, or (after a few days waiting for your package) that you were sent a cheap knockoff.
Dangers of Online Shopping
Having a package stolen from outside your front door is bothersome and upsetting, particularly right before a big holiday – but Amazon will likely replace it or issue a refund.
Losing money, especially a large sum, from your bank account or through a scam, can have serious repercussions. Your credit cards could be maxed out by an online thief or your entire financial world ruined by an identity hack.
How to Protect Yourself from Holiday Scams
Although there will always be a risk that your credit card number could be compromised from an employee at a store or through the breach of a shopping website, business, or the credit card company itself, there are many shopping scams that can be avoided.
Beware of Impulse Buying
Scammers want you not to think and buy! As the holidays approach, legitimate discount offers will arrive in your inbox, and stores will send out real text alerts and mailings. However, if you click on every link you receive, without discerning scam websites from real offers, your credit cards and data might be at risk.
Do not go straight to entering your payment until you verify the website’s URL to make sure that you’re not on a copycat website. If you’re buying an item through Amazon, LetGo, or any other third party retailer, only pay through their official website. Scammers will often offer you a discount if you pay them through an outside payment source.
If you agree to do so, they’ll never send you the item and will either steal your credit card number and use it or keep the method through which you pay them (iTunes gift cards, cash, etc.). Worse, if you violate a website such as Amazon’s Terms of Service, the site cannot protect you and issue a refund.
An Offer That is Too Good to Be True
Shopping can be expensive, and the holidays may make it tempting to take advantage of surprise offers. However, the best offers may be coming from scammers who will never actually send you a product and only want to choose from you.
Beware of Text Offers
Similar to impulse buying, text offers are typically scam links sent from a spoofed number or mass mailer. The goal is to have you click on the link via your smartphone or app, and not think the offer through.
You may be immediately redirected to a phishing website which has been created to look legitimate but isn’t. Once you’re prompted to enter your credit card information, it will be stolen.
Beware of Unsolicited Offers
Perhaps you’re playing your favorite online game to detox from holiday shopping and receive a 50% savings coupon through a direct message and link. Beware! Offers sent to you in this format are usually sent via bots connected to scammers or questionable products or sellers.
Use Email Filters
Turn email filters on “high’ to prevent yourself, your family, and any employees from receiving an excessive number of email scams surrounding the holidays. You can also screen calls with robocall blocking apps.
Track Your Purchases
If you frequently online shopping, it can be challenging to keep track of which purchases you receive and which you don’t. This gives sellers the perfect opportunity to save your money and never send you the product. Make a file on your computer for online purchases or buy through trusted websites that list your purchases when they are delivered or in transit.
DO and DON’T checklist for Holiday Shopping
DO check the hyperlink in all emails you receive, by hovering your mouse over any embedded links to verify the actual URL or redirect.
DON’T pay for anything using a website that does not have a secure connection that begins with “https”, or has an unlocked symbol next to the URL in the web browser.
DON’T ever pay with gift cards to direct sellers. A legitimate seller will never want payment by mailing a gift card or telling them the numbers. This is true for online, phone, text, and email offers.
DON’T use public wifi when making a legitimate online purchase, as your card information might be hacked or compromised.
DO use a reputable reverse search engine like Social Catfish to background check private sellers by name, username, email address, phone number, or photograph.
You can also search for businesses and website reviews. DO NOT trust every review at face value. Some reviews are fake spam reviews made by the company or scammer.
DO verify each seller or website’s written return policy and locate an easy to contact the customer service department. DO NOT buy from any site which doesn’t have a return policy or says “All Sales Final”.
DO look at gift cards you buy from stores carefully. If the security code has been scratched off, the card might be used the moment you purchase it.
DO NOT share your gift card number with anyone and keep your digital gift cards secure.
DO pay by credit card as your credit card company will block and reverse any charges.
DO NOT give anyone your social security number to verify your purchase, as it will then be compromised.
DO update your software and antivirus protection, along with using 2-factor authentication and using complex passwords.
DO NOT trust pop-up ads that open while you online shop or say that your software is out of date. Fake password reset forms may also be sent to you in fraudulent emails that look legitimate until you view the hyperlink. Phone call scammers may also try and get your password. DO NOT fall for it!
What to Do If You’ve Been Scammed
The first steps you take are crucial to protect yourself from online shopping scams.
Call Your Financial Institutions
If your credit card or bank information was compromised, immediately contact your credit card company and bank and ask for an alert to be placed upon your account and credit cards canceled and reissued.
Common credit card issuers:
Credit Freeze
If you believe your identity has been stolen, credit cards used, or your social security number or other details compromised, request a free credit freeze. The FTC helps guide consumers on requesting a credit freeze.
Change Your Password
Not only should you change your passwords for financial accounts but also your email address and computer passwords. While you’re doing so, turn on 2-factor authentication and log-in alerts.
Report the activity to any websites or apps you used. Use the website or apps “report” feature and block the user’s profile and reporting features.
Contact the FBI
If you have been scammed out of money, report the crime to the Internet Crime Complaint Center (IC3).
Shred Data
Take this opportunity to remind yourself how important it is to shred financial statements and other sensitive information.
Think of Your Year-Round Safety
These are tips and practices you can include year-round, not just during the holiday shopping season. By practicing safe shopping techniques, you will cut down on the headache of problem shopping. The FTC has estimated that consumers spend about 200 hours of work trying to recover from identity theft, and the process takes about six months.
We can’t say this enough:
Don’t underestimate the trouble that a fraudulent shopping site or holiday scam can cause you. Be careful when shopping online this holiday season, and share our safety tips with your online community. There are many types of scams circulating across the web, and new technology is doing what it can to combat scammers.
As an online shopper or web user, you may encounter all of the scams listed in our guide on any given day, week, or shopping season. While no one is entirely safe or immune from scams, you don’t need to wait for scammers to find you.
To make sure that you’re getting the deals you deserve and protecting yourself, try a reverse image search. If you have been sent an image or logo from a seller you want to background check or for any other reason, use Social Catfish’s reverse image search to help verify identity.
Instead of risking your credit information or experiencing the time-consuming ramifications of a scam, another option is to hire one of our Search Specialists.
We can investigate multiple platforms and channels to determine identity. Each one of our search specialists are experts at using Social Catfish algorithms to find the best results across the web and public databases.