This story is part of and contains tips for optimizing the holiday season.
This year's Black Friday is expected to break all previous records. Consumers will spend an estimated $ 29 billion online on Thanksgiving weekend. All that money means that more than ever, cybercriminals use malware to target both you and the online retailers you trust. Some hackers, like those who hit Macy's last month, are directly attacking merchants' websites. However, many other scams aim to distract you from legitimate sellers and direct you to malicious websites or apps that often falsify well-known retailers like Amazon, Best Buy, or Walmart.
For example, research by RiskIQ, a security company, claims to have identified nearly 1,000 malicious apps with holiday terms and over 6,000 apps with names and slogans from well-known retailers to expose unsuspecting victims. RiskIQ also claimed to have identified 65 malicious websites as popular retailers to trick you into disclosing your personal information.
As always, your best armor against these schemes, scams, frauds and demerits is the knowledge you need to sniff out the ones. Here's everything you need to know to be (not) cheated this Christmas season.
Avoid the "Secret Sister" gift exchange – it's a pyramid scheme.
This Facebook-generated gift exchange among Internet strangers depicts the popular workplace practice of "Secret Santa," a game in which each man buys a gift for a randomly selected person without anyone sharing his five. Instead, the Better Business Bureau is a pyramid scheme in holiday clothes. The "Secret Sister" swap promises you will receive $ 360 in gifts after you have bought and sent a $ 10 gift to someone else.
Unfortunately, such a bad calculation has not prevented this scam from reoccurring year after year. Not only do you lose $ 10 if you do not get any gifts back, you also need to share personal information – names, email addresses, phone numbers – with people you've never met in person.
The Better Business Bureau recommends that you ignore any request to become a secret sister. Do not share your personal information with online strangers. You can also report the invitation to Facebook or another social network you have accessed.
Fake websites and fraudulent apps become "phishing".
In a phishing scheme, the victim receives an e-mail or text message requesting payment for information or other personal information on a fraudulent website, which is often designed to look just like a legitimate website ,
A recent poll by cyber security firm McAfee revealed that 41% of Americans were victims of e-mail phishing schemes in 2019. Not surprisingly, 39% of Americans do not check email sender or merchant sites for authenticity.
To top it off, 30% of respondents reported losses of $ 500 or more in the last year alone.
If the data from RiskIQ are signs of this, expect a surge in news that is supposed to come from Amazon, Best Buy, Walmart, Target, or other major retailers over the next few months. If you receive an e-mail asking you to update your payment method or request other personal information, contact the company's help desk to make sure the e-mail is genuine before doing anything else Federal Trade Commission and StaySafeOnline.org include:
- The sender's e-mail address looks almost correct but contains extra characters or spelling mistakes.
- Spelling mistakes and / or wrong grammar either in the subject line or somewhere in the message.
- Addresses you with general terms ("Mr." or "Ms." or "Dear Customer") instead of the name.
- The message warns you that you must take action immediately, and asks you to click Click on a link and enter personal information, especially payment information.
- The news promises a refund, coupons or other giveaways.
The skimming of credit cards is completely digitized.
Credit card defrauders who steal your personal information when you steal a credit or debit card at the ATM dispenser or at another payment desk have been around for more than a decade, but the attack on Macy's in October is a Example of the same technology that is also used digitally.
Instead of using physical hardware to steal card numbers, hackers have added malicious code directly to Macy's website to do the same with online billing information.
Regarding the skimming of online credit cards, Tim Mackey, the chief security strategist for Synopsis, a digital security company, has warned, "There is no obvious way for an average person to know if or when a website is compromising The only potential indication is that the website itself is not capable. " It does not look right. "http://www.cnet.com/"
Mackey suggests some strategies that consumers can use to protect themselves:
- Do not store your credit card information on retail websites.
- If possible, use a third-party payment method, such as Apple Pay, Google Wallet, or PayPal.
- Enable buy alerts for all your credit cards.
- Disable international purchases for all credit cards.
- Buy only through your home or mobile network ork, never via public Wi-Fi where your payment could be intercepted.
Fears of "juice robbery" could be overcome.
Los Angeles County Procuratorate released a blog post recommending that citizens not use USB at the beginning of this month When charging ports in public places such as airports and shopping malls, warning hackers could install "juice jacking" software , which downloads malicious code on connected phones and tablets and gives the thieves access to your personal information.
screenshot by Dale Smith / CNET
While this is theoretically possible, the likelihood of this actually happening to you is incredibly low, as the site Snopes.com, which nullifies the urban myth, highlights in a recent post asking how widespread the problem is Really, the Attorney General's Office could not confirm any actual cases of "juice robbing" in the books. One reason could be that most of the smartphones and tablets currently in use have software that prevents exactly these types of attacks. Therefore, you are asked if you trust the connection when you connect it to a laptop or desktop to charge it.
While there are still purchases, scammers and thieves will continue to try to tear you down. In the meantime, the best thing you can do is to be ahead of the tricks and protect yourself with knowledge. For more strategies to survive this fun yet stressful season, check out our Holiday Survival Guide. We have put together the best tips and tricks to reduce stress after shopping for a marathon. You'll learn how to use intelligent wizard to manage your vacation gatherings, whether you use Google Home or Amazon Alexa.