Common Shopping Scams With A New Twist

This time of year is the busiest for shopping. Considering so many organizations have our payment information stored for quick online purchases, it can be a bit of a shock when you get a notification that purchase was made and you don’t have any recollection of making it. The Federal Trade Commission (FTC) is warning of an old scam with a new twist that is hitting consumers hard this holiday season and they want everyone to know about it.

The scammers send out email messages with a notice that some purchase or automatic renewal was made on your account. They use well-known company names such as Apple or PayPal, which is nothing new. But inside the email is a link they conveniently put there for you to click to dispute the charge.

Of course, should you ever receive an email stating a charge was made and you don’t remember doing it, don’t assume you did some shopping under the influence and click away on the links in the email message or notification. Instead, log into your account directly to check on any charges. You can also contact the company that supposedly charged you, by phone or from their website in order to find out more.

It’s also likely you can detect the email as phishing by merely reading it. Often the message has typos or the use of the language is incorrect. You can typically tell pretty quickly when it isn’t done professionally and can assume it’s phishing.

In this latest one, they try to scare you into making a quick decision by giving you a very short timeframe in which to respond. Just remember that if a sense of urgency like that is in an email, it’s trying to force you into a decision that can be detrimental if you fall for the threat.

Also remember the old standby scams. The phishers are getting better and better at making the schemes seem real. Other popular ones around the holidays are fake shipping notices from companies like UPS and FedEx and “free money” (free credit) scams from online retailers such as Amazon. All the criminals want is for you to click links in their email messages.

If you are not expecting to receive a link or attachment, don’t just go clicking on it. Hover the mouse pointer over it to see where it’s going. If it’s malicious, you can usually tell immediately, because it won’t be going to Amazon or FedEx for example. On mobile devices, hold your finger on the link for 3-5 seconds to see where it’s going. Just be careful on those to hold your finger down long enough for the link to show and not just go to the site.

Following a few guidelines like these will keep your account information safe from hackers and their scams like these throughout the whole year.

Stickley on Security
Published December 20, 2018