The Just-in-Time E-tailer
Your teen took forever to tell you the presents she wants, and now you can't find her number one must-have item. Google to the rescue! It leads you to a never-heard-of-'em website that has just what you're looking for. Almost seems too good to be true—and it probably is. "Scammers create fake online stores offering hot items so they can steal your credit card info," says Katherine Hutt, spokesperson for the Better Business Bureau.
Before ordering from an unfamiliar site, read customer reviews or check for a Better Business Bureau report at bbb.org. And always purchase with a credit card. "If the e-tailer isn't legit, you may ultimately get your money back," says Hutt. "But paying with a debit card or wire transfer may mean the money's gone."
You receive an email, text or social media message from a major store with a tempting offer for a 20%-off coupon or a free shipping code. All you have to do is click on the link, which seems slightly misspelled (say, macysdiscount.co instead of macys.com). Doing so could download malware onto your computer—it collects personal and financial information, as well as logins and passwords, for future criminal activity.
"Don't use the link," says Hutt. Instead, open a new window in your browser and type in the name of the store. If there's really a sale or free-shipping day, it will be advertised. You can also go to BBB Scam Stopper (bbb.org/scam) and sign up for weekly alerts.
You might be sent emails that are supposedly from FedEx or UPS about a shipment snafu. Or they seem to be from your bank, urging you to click on a "secure message." But the intent is the same: Swindlers want to deceive you into divulging user names, passwords and credit card details, or get you to click on links infected with malware. The latest twist is smishing—that is, phishing scams sent via text message instead of email. "All sorts of fraudulent communications increase between Thanksgiving and Christmas," says Robert Siciliano, a security expert with thebestcompanys.com. "Thieves watch everything you do on your computer and learn how to access your email and bank accounts. The Holy Grail is a Social Security number. Then they'll apply for credit in your name."
Don't respond to the emails or call the phone number texted to you. Instead, visit the website of the shipping service or your bank to find a customer service number or chat function. By initiating contact, you'll know who you're really talking to, which isn't the case when someone has reached out to you.
Empty Gift Cards
You have no idea what to buy your nieces and nephews for the holidays, so you load up on stocking-stuffer gift cards at your local drugstore or big-box retailer. Problem is, they may have been tampered with. "Thieves write down the numbers of unsecured cards or, in a more advanced method, put their own bar code over the real one," explains Raymond Esposito, a senior vice president at LP Innovations, which provides loss-prevention services to restaurants and retailers. Then they go to the card's website, type in the number and check to see whether it has been activated. Once it is, they use the card online.
Purchase gift cards with secure packaging, which protects and hides the number, and be sure any scratch-off coating is intact. "Treat them as you would food," says Esposito. "If they've been tampered with or are torn, choose another." Cards from the big credit companies may have more secure features than those from smaller stores and restaurants, but if you want one for a local joint, buy it there. And keep your receipt. "Other things can go wrong with activation. The cashier can make a mistake or be dishonest and skim from the card," says Esposito. "You should have evidence of what you paid."
Of course you want to do good by contributing to a worthy cause or people in need. But when you're asked to donate, whether by direct mail, email, a phone call or even the man in the Santa suit at the mall, resist the temptation to reflexively reach into your wallet. The charity may not exist, and your money will just go into a con artist's pocket.
"Do your homework first," says Sandra Miniutti, vice president at Charity Navigator, an organization that rates nonprofits. Check the Internal Revenue Service's website (irs.gov) to confirm the group's status as a 501(c)(3) or visit charitynavigator.org to see whether the bulk of the nonprofit's spending is allocated to programs and services. If you're asked to give cash, take some literature on the charity and then do some research; if it seems legit, make a donation with a credit card or send a check. This will be traceable and allow you to claim a tax deduction. As for the dreaded dinnertime phone call, even if it's on behalf of a legitimate organization, the for-profit firm doing the soliciting could be keeping the bulk of your contribution. "It's a very inefficient way of fundraising," says Miniutti. "We generally tell donors just to hang up the phone. There are smarter ways to give."
Originally published in the December 2014 issue of Family Circle magazine.