Keep your finances safe while you shop during this holiday season. Criminals and scammers use many techniques to fool potential victims, including fraudulent online auction sales and selling stripped gift cards. The NCUA has put together a list of tips you can use to avoid becoming a victim of a holiday scam.
Take a look at a few of the newest and most common scams you should watch for this holiday season.
Scam #1: Online Gift Card Scam
Gift cards purchased through online auction sites are often fraudulent or stolen. To ensure that you are not scammed out of your holiday money, it is safest to purchase gift cards directly from the merchant or retail store.
Scam #2: Stripped Gift Card Scam
Be careful when purchasing gift cards at retail stores. If you choose a gift card that is not located behind a counter, thieves can write down the gift card code or use a device to scan the magnetic strip on the back of the card. Every few days the thief will check the balance and redeem the card's value online without you or your gift recipient’s knowledge. When buying a preloaded card, always have the cashier scan the card to verify that the full amount is available. Also, check to make sure that the packaging has not been tampered with or damaged. This may be sign that the gift card has been compromised or replaced with a stripped gift card. If possible, register your gift card with the retailer.
Scam #3: Phishing and SMiShing Schemes
In phishing schemes, a fraudster poses as a legitimate entity and uses e-mail and scam websites to obtain victims’ personal information, such as account numbers, user names, passwords, etc. SMiShing is the act of sending fraudulent text messages to bait a victim into revealing personal information.
Be leery of e-mails or text messages that indicate a problem or question regarding your financial accounts. In this scam, fraudsters direct victims to follow a link or call a number to update an account or correct a purported problem. The link directs the victim to a fraudulent website or message that appears legitimate. Instead, the site allows the fraudster to steal any personal information the victim provides.
Current SMiShing schemes involve fraudsters calling victims’ cell phones offering to lower the interest rates for credit cards the victims do not even possess. If a victim asserts that they do not own the credit card, the caller hangs up. These fraudsters call from TRAC cell phones that do not have voicemail, or the phone provides a constant busy signal when called, rendering these calls virtually untraceable.
Another scam involves fraudsters directing victims, via e-mail, to a spoofed website. A spoofed website is a fake site that misleads the victim into providing personal information, which is routed to the scammer’s computer.
Phishing schemes related to deliveries are also rampant. Legitimate delivery service providers neither e-mail shippers regarding scheduled deliveries nor state when a package is intercepted or being temporarily held. Consequently, e-mails informing of such delivery issues are phishing scams that can lead to personal information breaches and financial losses.
Scam #4: Charity Scams
It is important to recognize the warning signs of charity scams in order for you not to be robbed of your good intentions. The Federal Trade Commission (FTC) has two websites for consumers on charity fraud and scams.
In addition, the Internal Revenue Service (IRS) has a search feature on its website that allows consumers to find legitimate, qualified charities to which donations may be tax-deductable. For more information, please visit http://www.irs.gov/app/pub-78/.
Scam #5: Fraudulent Classified Ads and Auction Sales
Internet criminals post classified ads and auctions for products they do not have and make the scam work by using stolen credit cards. Fraudsters receive an order from a victim, charge the victim’s credit card for the amount of the order, then use a separate, stolen credit card for the actual purchase. They pocket the purchase price obtained from the victim’s credit card and have the merchant ship the item directly to the victim. Consequently, an item purchased from an online auction but received directly from the merchant is a strong indication of fraud. Victims of such a scam not only lose the money paid to the fraudster, but may be liable for receiving stolen goods.
Shoppers may help avoid these scams by using caution and not providing financial information directly to the seller, as fraudulent sellers will use this information to purchase items for their schemes. Always use a legitimate payment service to ensure a safe, legitimate purchase.
As for product delivery, fraudsters posing as legitimate delivery services offer reduced or free shipping to customers through auction sites. They perpetuate this scam by providing fake shipping labels to the victim. The fraudsters do not pay for delivery of the packages; therefore, delivery service providers intercept the packages for nonpayment and the victim loses the money paid for the purchase of the product.
Diligently check each seller’s rating and feedback along with their number of sales and the dates on which feedback was posted. Be wary of a seller with 100 percent positive feedback, with a low total number of feedback postings, or with all feedback posted around the same date and time.
Remember, if it looks too good to be true, it probably is!
Criminals create new ways every year to steal your money and personal information, especially during the holidays. Do your homework before making an online purchase, or donating to a charity.
Here are some additional tips, from the Federal Bureau of Investigation (FBI), you can use to avoid becoming a victim of cyber fraud:
- Do not respond to unsolicited (spam) email.
- Do not click on links contained within an unsolicited email.
- Be cautious of email claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders. Scan the attachments for viruses if possible.
- Always compare the link in the e-mail with the link to which you are directed and determine if they match and will lead you to a legitimate site.
- Log directly onto the official website for the business identified in the e-mail, instead of “linking” to it from an unsolicited e-mail. If the e-mail appears to be from your bank, credit card issuer, or other company you deal with frequently, your statements or official correspondence from the business will provide the proper contact information.
- Contact the actual business that supposedly sent the email to verify if the email is genuine.
- If you are asked to act quickly, or there is an emergency, it may be a scam. Fraudsters create a sense of urgency to get you to act quickly.
- Verify any requests for personal information from any business or financial institution by contacting them using the main contact information.