RICHMOND, VA (AAA) – Online shopping is quick, convenient, and a lifesaver during the busy holiday season. With just a few clicks, you can check off your entire gift list. But AAA warns that buying online is not only popular with shoppers, it is equally attractive to criminals looking to scam unsuspecting consumers.

According to Statista, the number of people making online purchases in the U.S. stood at 273.49 million last year and is expected to grow by an additional 60 million-plus by the year 2029.

“Online shopping has become routine for many but Cyber Monday – the Monday following Black Friday – is especially popular with holiday shoppers hoping to snag some ‘online-only’ deals,” said Morgan Dean, public and government affairs manager, AAA Mid-Atlantic. “A few precautions will help prevent scammers from cashing in on your holiday spending. Charitable givers should likewise take steps to protect their financial information if they plan to donate online.”

To protect your financial information while shopping online, AAA offers the following tips:

  • Choose secure websites and payment tools.Before entering any personal or payment information, ensure the web address begins with “https://” and look for a padlock icon in the browser bar. These indicate the site uses encryption and therefore offers a basic level of protection. When in doubt, go directly to the retailer’s official website by typing in the URL.
  • Keep devices up to date. When you get a notification to update the software on your device, it can be tempting to press “delay.” But device and software updates often include patches that fix security issues. By putting them off, you leave the door open to hackers who take advantage of these vulnerabilities.
  • Be wary of “too good to be true” deals and phony links.Scammers often lure shoppers with extreme discounts, language urging quick action or imposter links that mimic actual retailers. If you’ve received emails  or texts offering deep discounts, hover over the links to check the true destination before clicking. When in doubt, go directly to the retailer’s official website by typing the URL rather than clicking on a link.
     
  • Only use one credit card. Not only does this make it easier to monitor your account, but using a credit card instead of a debit card increases your level of protection from scammers. Most credit cards have zero-liability policies to protect you from having to pay for  fraudulent purchases. Debit cards don’t offer the same level of protection because the money is taken directly out of your bank account at the time of purchase. The credit card issuer will fight to get its money back, but with a debit card, you must fight to get your money back. Simply pay your credit card balance immediately with your bank account to avoid running up a high-interest bill.
  • Don’t respond to requests to “verify” your password or credit card information. Legitimate businesses will not ask you to do so.
     
  • Download or print a copy of your order. This way you can determine if you have been correctly charged for your purchase and have a record of the transaction. The receipt sent to your email is likely not as detailed. Also, monitoring your account and verifying your credit card transactions online at your card issuer’s website will give you a real-time picture of account activity.
  • Avoid making purchases on public Wi-Fi networks. Public Wi-Fi networks often lack encryption. That makes it easy for scammers to manipulate these systems to get your personal data, including passwords and even credit card information.
  • Stay alert for smishing texts. SMS phishing, or smishing, texts come from scammers pretending to be a delivery service asking you to click to “reschedule” or “pay extra.” Scammers are capitalizing on the increased shipping activity during the holidays, when consumers may believe they are receiving something they didn’t expect.
  • Use a credit monitoring service. For example, AAA members can take advantage of a member benefit called ProtectMyID® that offers continuous credit and identity monitoring services, so you can be promptly alerted to any unusual activity with your personal information.

Use caution with online giving
One of the best ways to celebrate the holidays is by giving to others, especially those less fortunate. Sadly, cybercriminals exploit this generous spirit of the holiday season by setting up fake charities. 

How it works:

Fake charities often:

  • Mimic legitimate organizations. They confuse donors by creating names and logos very similar to well-known charities.
  • Request unusual payment methods: They might ask for donations via gift cards, wire transfers or cryptocurrency, which are difficult to trace.
  • Emerge during the holiday season or pop up after disasters. Fake charities often emerge quickly to capitalize on the giving spirit of the holidays or public sympathy following  a disaster.

What to do:

  • Research before you donate. Use reputable sources like Charity Navigator or the Better Business Bureau’s Wise Giving Alliance to check the charity’s legitimacy and financial transparency.
  • Verify the donation website. Ensure the charity’s website is secure (https://) and looks professionally designed. Be wary of sites exhibiting poor grammar, typos or cookie-cutter designs. If something looks off, it probably is.
  • Donate directly. Rather than clicking on links in emails, texts or social media posts, go directly to the official website of the charity you want to support.
  • Donate using a credit card. As with online shopping, debit cards do not offer as much protection in the event of a scam. Stick to credit cards online or mail a paper check for donations.