Online shopping always picks up during the holiday season.
And each year, online shopping seems to start earlier.
As you start browsing your favorite retail and eCommerce websites, be aware of the potential dangers with online shopping. No matter where you shop, bad actors are right around the corner using fake web stores and pharming sites.
Bad actors often use familiar company names to add legitimacy to their scam while offering popular products for cheap. These products that are purchased may never arrive or be much lower in quality. As you start shopping online, here are some tips to avoid being a victim.
- Start With Research – Search for the business’s name and their product with search terms like “fraud,” “scam,” or “rip-off.” Look at online reviews. Be on the lookout for positive reviews from fake avatars or people that were clearly paid to make one.
- Talk To Someone You Trust – Before completing the sale, share your experience with your spouse, family member or co-worker. Talking about it could help you recognize a scam.
- Know How Scammers Tell You To Pay – Never pay someone who wants you to pay with a gift card or by using a money transfer service. And, never deposit a check and send money back to someone.
- Check Your Bank Statements – If you’re charged for something you didn’t buy online, or charged more than expected, file a dispute with your financial institution immediately. It’s also a good idea to see if your financial institution has safeguards in place that allow you to turn your debit card off if lost or stolen. Unless you know and trust the vendor, don’t pay with ACH, wire or gift cards. These forms of payment are like giving cash away and reduce your ability to track and recover stolen money.
How To Avoid Pharming Sites
Pharming is the practice of directing an online user to a fake website that appears to be legitimate. Bad actors will guide a user – without their knowledge – to a pharming site after they’ve fallen victim to a phishing scam.
Phishing is a type of social engineering where an attacker sends a fraudulent message designed to trick a consumer into revealing sensitive information or deploy malicious software on the victim's computer.
Pharming sites can capture a user’s login info, security codes, PINs and other personal information. Follow these tips to protect your information.
- Use Security Software – Make sure you use the latest software, so it can deal with new threats. Accept and install system updates on your computer. Consider installing firewall and anti-virus software. Keeping your computer updated and protected can close security holes attackers use to take advantage of your device.
- Always Be On Alert – If something doesn’t look right, be suspicious. Look for spelling and grammar issues on a website or email, a weird URL or any site that is asking for personal information.
- Use Multi-Factor Authentication – Requiring two or more credentials to login to a device is called multi-factor authentication. These additional credentials can be a passcode using an authentication app or a security key. Biometric methods include a finger scan or face recognition. Multi-factor authentication makes it harder for scammers to log into your accounts if they get a username or password.
- Back Up Your Data – Whatever you do, make sure your backups aren’t connected to your home network. You can copy your files to an external hard drive or cloud storage. Back up the data on your phone as well.
Shopping online is convenient and saves time. But, it’s important to stay safe. If you think a scammer has your information, like a Social Security or credit card number, go to IdentityTheft.gov. Here, you’ll see the specific steps to take based on the information that may be compromised.
If you get a phishing email or text message, report it. If you get a phishing email, forward it to the Anti-Phishing Working Group at firstname.lastname@example.org. You can also report a phishing attack to the FTC at ReportFraud.ftc.gov.
To see how Stearns Bank is helping to protect its customers, be sure to visit our fraud prevention page.