13 tips to protect yourself on Black Friday, Cyber Monday
Holidays are peak time for ID thieves, so consumers must be cautious
By Lisa Rogak
Even if the sour economy thins their numbers, holiday shoppers will crowd stores, especially on Black Friday, the day after Thanksgiving, and its online counterpart -- the following Monday, known as Cyber Monday.
Identity thieves love the holiday season, too, but not for the reason honest people do. And the trends in the economy and in payments systems are creating an environment ripe for ID theft, experts say:
- Dire financial straits can make people consider doing things they wouldn't normally do, including theft and fraud. "People under financial stress tend to do things they ordinarily would not do, and that includes committing fraud," says Anne Wallace, president of the Identity Theft Assistance Center. "Many people are victimized by people they know who have access to their personal information."
- The proliferation of wireless networks makes people's vital data more easily accessible.
- Online buying continues to grow, which means that more online retailers have hackable records of consumers' private data."Hackers can now access a bank account with a PayPal password," says Todd Feinman, CEO of IdentityFinder.com. "All of your online banking passwords and credit card login information are linked to your identity and can be used to gain more information about you or withdraw money from linked accounts."
Whether you shop in retail stores, online, or both, here are 13 tips that can help.
1. Be vigilant in stores. It sounds obvious, but it's vital. An anonymous cashier at a Maryland chain store says she's seen it all on Black Friday. "I've had customers forget their purses while others set their credit card down and walk away," she said. "Others leave the signature line on a credit card completely blank, which makes it easy for somebody to sign your name with their handwriting." Joseph Campana, security expert and author of "Privacy MakeOver" agrees. "Protect your wallet or purse since large crowds and hands filled with bags make it easier for pickpockets and thieves," he says. "For ladies, a purse strap should go over your head so a thief cannot pull it off your shoulder."
2. Be vigilant online. Using your credit card to place an order at a public computer is a recipe for disaster, says Scott Stevenson, founder and CEO of Eliminate ID Theft, an identity theft and credit-monitoring company. If you have no other option, he advises that you erase all cookies from the cache. When you reach the order placement page of a website, check that the URL starts with https:// or shttp:// and that the page has a security icon like a padlock or an unbroken key in a corner of the screen to indicate that the website is secure.
3. Delay online purchases. While you may start your holiday shopping on Black Friday, thieves have been working overtime for weeks, according to Michael Greene, vice president of product strategy for PCTools.com, a software security company. Prior to the 2007 holiday season, the company conducted a study to determine peak times for spyware attacks and hacking, and they discovered that that the highest number of attacks occurred on the Monday before Thanksgiving, not Cyber Monday, the Monday after Thanksgiving. In fact, the study showed that the frequency of Internet attacks actually started building in mid-October, and that the number of attacks three days before Thanksgiving was six times larger than those just a week later.
4. Protect yourself online. Without comprehensive security protection online, you're inviting identity thieves to steal your financial information. Make sure you have the latest version of security software installed on your computer. Also beware of clicking on links in e-mails that appear to come from reputable retailers. Cyberthieves often send e-mails that mimic ones sent by well-known online stores, a variety of the scheme known as phishing, and clicking on the link may result in having spyware installed on your computer. Better to go directly to the retailer's page.
5. Limit the credit cards you use. Though you may have several credit cards, it's a good idea to use only one or two in stores and online to limit your exposure, advises Bill Morrow, chairman and CEO of CSIdentity.com, an identity theft protection company. "And use a card with a low credit limit to minimize the damage if your card is stolen," he notes, though this may be less effective because more issuers opt to charge over-the-limit fees than reject a transaction.
6. Avoid shopping via WiFi. With the increase in mobile Internet devices and free WiFi hotspots, many consumers don't think about wireless security, says Richard Rushing, chief security officer at Motorola AirDefense Solutions. They should, however, since many wireless access points are unsecured or provide minimal protection against hackers. "Don't access your bank account or input credit card numbers via WiFi since this is when your financial information is most likely to be stolen," he says.
7. Avoid wireless terminals in stores. Many retailers and restaurants have recently implemented wireless credit card terminals to speed transactions along, but security can be virtually nonexistent. Rushing conducted a study in 2007 that monitored retail activity in over 3,000 stores nationwide -- including those on Beverly Hills' famed Rodeo Drive and New York City's posh Madison Avenue -- and found that 85 percent of wireless terminals used to process transactions were relatively easy for hackers to access. Ask if they can run your card through a wired terminal instead.
8. Check out merchants. Investigate the merchants you plan to do business with, says Randy Abrams, director of technical education at ESET, an antivirus and antispyware company. If you see a Better Business Bureau logo on the website of a company you're unfamiliar with, check with the BBB to see if they're really a member. "Anyone can put a BBB logo on their website, even if they're not a member," he says. If you have suspicions about a company, Abrams suggests you conduct an online search with phrases like "Complaint about Company X" or "Problem with Company X," which may reveal problems.
9. Watch for skimming. During the holidays, many stores fill staffing gaps with temporary employees who are often hired with a minimum of background screening. According to Stevenson, some workers hired as cashiers are cyberthieves in disguise, and their primary objective is scan your credit card twice, a scam known as skimming: once at the register, then through a handheld scanner the size of a cigarette lighter. If a cashier asks to swipe your card by hand and takes a moment too long, or if the sales clerk turns away while holding your card, ask to see a manager.
10. Beware of suspicious packages. If you receive a package at your home or office that you didn't order followed by a call from someone who says they made a mistake and will send UPS or FedEx to pick it up, your card may have been stolen. Ori Eisen, founder and chief innovation officer of fraud prevention company 41st Parameter, suggests you check the shipping invoice and your account. If you see an unfamiliar charge, contact the company and return the goods.
11. Don't apply for a new store card. This holiday season, many retailers are trying desperately to increase sales and will turn on the hard sell with multiple incentives and discounts if you apply for a new store credit card. Dave Muti, author of "Mortgages: What You Need to Know" says don't do it. "Soon after, the credit bureaus sell your personal information along with other consumers who have had their credit pulled in the previous 24 hours to credit card companies, which creates an additional opportunity for your information to be stolen," he says.
12. Use a credit card with a limited life span. Use a virtual credit card that expires after one use, especially when you're buying from an unfamiliar website. "This is a fantastic way to shop at a new-to-you website," says Feinman.
13. Use cash. Perhaps this is the easiest way of all to guarantee that you won't fall victim to identify theft. Online, you can pay through PayPal with a credit card and sellers will never see your credit card number.
Published: November 26, 2008
- CFPB warning: incentives can harm consumers – The U.S. Consumer Financial Protection Bureau issued a broad warning about sales incentives, possibly signalling a new enforcement priority ...
- CFPB: Minn. bank tricked customers into costly overdraft fees – Federal consumer watchdog charges TCF National Bank obscured fees and gave customers hard-sell to opt in for fees of $35 per overdraft ...
- FICO’s Scott Zoldi: Card-not-present fraud a growing threat – FICO analytics chief Scott Zoldi discusses the state of fraud protection amid the EMV shift and the use of trended data ...