Don’t Get Phished This Holiday Season: Learn About The Warning Signs

Holiday phishing scams

‘Tis the season for shopping online. I am penning this on Cyber Monday when shoppers are expected to spend over $3 billion. While I love to shop and do it from the comfort of my cozy office, online shopping is not without its perils. The most obvious is that we don’t want to overspend and blow our budget, but that is an article for another day. Read on for the latest phishing scams, online shopping tips and some rules to live by when shopping anytime.

Holiday Phishing Scams

First, if you don’t know what phishing is, pay attention. If you think your parents or loved ones don’t know what phishing is, give them a quick tutorial. Phishing scams are attempts by scammers to trick you into giving out personal information such as your bank account numbers, passwords and credit card numbers. Phishing has become increasingly prevalent and just this weekend my husband was phished via email. Luckily he’s smart (and cute) and knew better.

  • Fake Purchase Invoices: You receive an email from a retailer that you never heard of. It asks you to click on the link to “track your purchase” or “verify your address.” These links may be malicious and could contain malware. Don’t click, block the sender and delete the email.
  • Shipping Status Notifications: Along the same lines as the fake purchase invoice, one popular phishing scam is an email asking you to click on the link to confirm or track your order. Do not click on the link. First, confirm that you actually placed an order. Then, instead, go to the shipping provider’s website (UPS, USPS, FedEx, etc.) and type in your tracking number to access tracking information.
  • Email Deals: Not all discount and sales emails are legitimate. Look for unexpected deals of product promotions from retailers you’ve never shopped or heard of.
  • Holiday E-Cards and Party Invites: Make sure you recognize the sender before clicking on the e-card/invite. Look out for emails that ask you to download attachments or plug-ins as these may contain malicious software.
  • Pay More Attention to Email Links and URLs: Always hover over links on webpages and emails to verify the sender and website. Recently, someone created an email address using my mother’s name and sent it to her contacts (God only knows how many times my mother has been phished—she clicks on everything). Pay attention not only to the name on the email but also hover over and look at the actual email address—especially if the email seems strange to you.
  • If It Looks Weird, It Probably Is: If you get an email that makes you feel weird, you are probably getting phished. Pay attention to things like grammar or the info used in the email. In the case of my husband’s email this weekend, they used a very old mailing address of ours, and included a VAT tax on the fake invoice. We don’t have VAT taxes here in the US guys. Hmmm…
Online Shopping Tips

These are tips to use year-round but be particularly vigilant around the holidays!

  • Look for signs that your information is secure when making online purchases.
  • Shop well-known retailers that you know and trust. I am not saying to only shop on Amazon, but be careful of following links to retailers that you have never heard of. In addition, be aware of deals that are just too good to be true—especially if they are a random retailer. They probably are.
  • Use a credit card instead of a debit card when shopping online. It is easier to deal with fraudulent purchases when you use a credit card.
  • Create strong passwords by including a combination of numbers, symbols and upper and lower case letters.
Additional Reminders:
  • Instead of fake news, be wary of fake surveys. Surveys received via email with promises of money or gift cards in exchange for completing the survey can be a scam. These surveys will often ask for personal information which is what the attackers are seeking.
  • Monitor your bank accounts and your credit cards at least three times a week. If you are shopping online, you should be checking your accounts at the end of each day.
  • Consider some kind of credit monitor. Put alerts on your credit cards and opt in for text messages of purchases over a certain amount of money. If you haven’t done so already, sign up for a service like Life Lock that alerts you when someone opens a credit card in your name. These small steps can protect you in the event of identity theft of phishing.

The rule of thumb when shopping is to be vigilant. If you feel uncomfortable or one of the voices in your head is saying “hey girlfriend, this makes me feel weird”, listen to her. And please pass this along to friends and family—especially if you have older folks in your life who aren’t as savvy as you. And happy shopping!

Securities offered through Raymond James Financial Services, Inc. Member FINRA/SIPC. Investment Advisory Services are offered through Raymond James Financial Services, Inc. Views expressed are the current opinion of the author. Information obtained from sources are considered reliable, but Raymond James does not guarantee the material is accurate or complete.

Kristin Merrick, Financial Advisor, O’Keeffe Financial Partners, LLC 

Originally published in Forbes, Nov 28, 2017. 

Leave a Reply

Your email address will not be published. Required fields are marked *