The Internal Revenue Service and its Security Summit partners routinely raise awareness about data security issues threatening the financial health of taxpayers. Unsurprisingly, they’re not the only agency trying to protect you from con artists.
The Federal Trade Commission conducts its own outreach to protect Americans from scams. Their “12 Days of Consumer Protection” campaign is a series of blog posts dedicated to highlighting scams targeting consumers during the holidays and early 2021.
The FTC’s list covers a wide range of scams, from fake shopping sites to porch pirates. When you’re done reviewing this list, make sure you pass the info along to family and business clients so they can these scams, too!
Fake Shopping Websites
Fake shopping websites are a year-round trap for anyone browsing Google results in search of a deal, but criminals tend to ramp up their efforts around the winter holiday season. Since scammers use a variety of tactics to trick their victims, the FTC recommends taking the following preventative steps when shopping online:
- Instead of clicking on a link, say in an email, type in the store’s URL yourself, so you know where you’re headed.
- Only pay on sites with URLs that starts with https. That ‘s’ means your transaction is encrypted…but scammers know how to encrypt, too. So don’t believe that a site is the real deal just because the site uses encryption.
- Pay by credit card. It gives you way more protections if something goes wrong.
Remember, you might miss subtle changes when looking for The Best Deal Ever™, like a number “1” instead of a letter “l” in a too-good-to-be-true “Walmart” link. That’s why the FTC recommends following other shopping guidelines on their site: https://www.consumer.ftc.gov/articles/0020-shopping-online.
Fake Job Listings
The pandemic significantly increased the number of unemployed Americans, and—as the FTC blog points out—many Americans are already interested in part-time work during the holidays. Where you find people in need, you’ll find scammers looking to take advantage.
The FTC says you should follow three tips when job hunting:
- Scammers often require you pay them to “secure a position.”
- Scammers often ask for your financial data or personally identifiable information up front.
- Read former-employee reviews before applying.
Looking for a job isn’t easy in a normal year, make sure scammers don’t make it even worse during the lockdown.
Paying with a Gift Card
Fraudsters frequently demand you pay with a gift card. This tactic exists across the spectrum of phishing scams—whether tax-related or garden-variety cons—and it always signals the offer is shady.
Fake Shipping Messages
Scammers are sending fake shipping notices in emails and text messages that appear to come from national shipping companies, like UPS and FedEx. Since they’re even using real logos, it can be hard to spot scam emails that are sandwiched between real notifications in your inbox.
To avoid getting phished, the FTC says you should never click links embedded in emails and keep your security software—antiviruses, anti-spyware, and the like—updated. While you’re updating those programs, don’t forget to update everything else since criminals can exploit security holes in any software, up to and including your operating system.
The fake charity may not be new, but it’s one of the most effective phishing scams you’ll encounter. That’s because criminals are more than happy to take advantage of your impulse to help people in trouble.
Don’t let scammers prevent you from donating. Instead, follow these tips from the FTC for safely giving to charity:
- Don’t be rushed into giving. Yes, it’s the end of the year. But legit charities will be happy to take your money whenever you choose to give it.
- Check out the charity before you give, especially because scammers love to use names that sound like real charities you’ve heard of. Use these organizations to help you do your research.
- If anyone tells you to pay in cash, with a gift card, or by wiring money using a company like MoneyGram or Western Union, stop. That’s how scammers ask you to pay.
Family Emergency Scams
Social media has made it easier than ever before for criminals to impersonate your friends and loved ones in phone calls, emails, and text messages. That’s why the FTC cautions you to resist the urge to immediately send help when you get a breathless SOS pleading for money. Instead, contact that person or someone close to them on a known number to confirm the situation. If it turns out to be a scam, report it and—if a phone call—block the number.
While hanging up on scam phone calls is a time-honored tradition in our household, the FTC says that call blocking is a much better strategy for combatting fraudsters. Check out the FTC page explaining what call blocking is and how to use it on your device: https://www.consumer.ftc.gov/articles/how-block-unwanted-calls.
With all the attention paid to phishing calls, emails, and texts, it’s easy to forget about the criminals in our midst. “Porch pirates” are more than happy to steal the stack of Amazon and FedEx boxes sitting on your front porch when you’re not home.
While nothing is fool-proof, there are steps you can take to make sure you are the one opening those boxes. The FTC recommends three basic safeguards: require a signature, install motion-activated lights, and provide specific delivery instructions.
Fake e-Card and Letter-to-Santa Websites
Fake e-card and letter-to-Santa websites essentially ask victims to provide personal information as part of the customization process. Unfortunately, there’s no cute letter if it’s a scam site—instead, the “gift” is identity theft.
Here’s what the FTC says you should do to avoid getting scammed:
- Check out the website. Do a quick online search for the site or company name, plus the words “complaint,” “review,” or “scam.” What do people say about them? (Knowing, of course, that those glowing reviews could be fakes…)
- Share only what you need to share. Does the site really need your home address, your age, or access to your contacts? And none of these companies needs your bank account or Social Security number. (Frankly, Santa probably already knows, so why would he ask?)
- Don’t click links in unexpected texts or emails. Nothing good comes of that. Instead, check them out first, and then type in the URL yourself so you know where you’re headed.
- Ignore calls for immediate action. Scammers try to get you to act before you have time to think. Take your time. Legit offers will still be there.
General Shopping Advice
Like a pre-flight checklist, it’s always a good idea to review best practices—even if you have committed everything to memory. Pride cometh before a fall, after all. So, the FTC closed out the 12 Days campaign with general shopping advice. (The below list includes a mix of recommendations from the 11th and 12th installments of the series.)
- Confirm that the seller is legit. Read reviews and recommendations about the product, seller, and warranties from sources you trust. Look for reviews about their reputation and customer service, and be sure you can contact the seller if you have a dispute.
- Read the reviews. What are experts saying about the product you’re after? Do they compare brands or versions of the product? Is tech ability needed to appreciate and use it?
- Compare prices. Obviously, right? But online or in-person door-buster “deals” with low, low prices often pressure you to act quickly. So, do some up-front work on what price neighborhood to expect, especially for higher-priced items. That way, you know what’s really a good deal, and what’s just lots of hype.
- What about privacy? You know your comfort level with what your devices know about you. But if you’re gifting, how would the recipient feel about, say, a connected watch that tracks her steps and encourages her to walk more? Might she, I don’t know, set fire to that device after a few days? Or thank you SO much for suggesting that she ought to exercise? Theoretically, you understand.
- Pay by credit card. You have the most protections when you shop (online or elsewhere) with a credit card.
While we’re at it, let’s cover some basic security advice:
- Install security software
- Keep all software updated
- Never click on embedded links or attached files in emails and texts
- Don’t take calls from unknown numbers
- Don’t open messages from unknown senders
- Don’t scan QR codes without first verifying who created it
- Create and maintain a written information security plan
On that last point, be sure your security plan covers what you’re going to do to prevent a data breach, as well as the steps you’ll take after one has occurred.
Be sure to check out each of the “12 Days of Consumer Protection” blogs on FTC.gov:
- “On the first day of consumer protection…”
- “Hawking in a winter wonderland”
- “But the hire is not so delightful”
- “Holiday ‘grift’ exchange?”
- “Fa-la-la-la fake”
- “Avoid a season of mis-giving”
- “Grandma got a scam call from a reindeer”
- “Frosty the Con Man: avoiding family emergency scams”
- “Baby, I stole outside”
- “Santa doesn’t need your Social Security number”
- “All I want for Christmas…is what I ordered”
- “And a smart fridge in a pear tree”