At the busiest online shopping time of the year, cybercriminals are becoming increasingly aggressive and creative in their ways to fool consumers out of their money as they busily, and perhaps a bit naively, go about buying holiday gifts online.
The array of current scams include fraudulent auction sales, reshipping merchandise purchased with a stolen credit card, sale of fraudulent or stolen gift cards through auction sites at discounted prices, and phishing emails advertising brand name merchandise for bargain prices or emails promoting the sale of merchandise that ends up being a counterfeit product, the Memphis field office of the FBI reminded shoppers.
“The old adage ‘If it seems too good to be true, it probably is’ is a good barometer to use to legitimize emails,” warned the FBI.
Typical ploys run the gamut of erecting fake websites that appear to be from name brands that are hot linked with cleverly disguised URLs appearing to be legitimate from fraud-minded email spammers to social media and/or text messaging phishing schemes. Gift cards from third parties especially raise red flags for potential rip-offs.
Bargain “one day only” promotions often are a ruse to exploit hot items to lure bargain hunters into providing credit card information.
The FBI advises the following tips to avoid becoming a victim of cyber fraud:
- Do not respond to unsolicited (spam) email.
- Do not click on links contained within an unsolicited email.
- Be cautious of emails claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders. Always run a virus scan on attachment before opening.
- Avoid filling out forms contained in email messages that ask for personal information.
- Always compare the link in the email to the web address link you are directed to and determine if they match.
- Log on directly to the official website for the business identified in the email, instead of “linking” to it from an unsolicited email. If the email appears to be from your bank, credit card issuer, or other company you deal with frequently, your statements or official correspondence from the business will provide the proper contact information.
- Contact the actual business that supposedly sent the email to verify that the email is genuine.
- If you are requested to act quickly or there is an emergency, it may be a scam. Fraudsters create a sense of urgency to get you to act impulsively.
- If you receive a request for personal information from a business or financial institution, always look up the main contact information for the requesting company on an independent source (phone book, trusted Internet directory, legitimate billing statement, etc.) and use that contact information to verify the legitimacy of the request.
