Thieves and hackers never take a vacation, so your privacy and personal information are always at risk. You're especially vulnerable this time of year, though. Not only do you spend more time interacting with retailers, but thieves are in high gear as well, hoping to take advantage of your more active shopping habits.
There are a variety of specific threats you need to contend with. You can mitigate a lot of risk by using common sense. According to a survey conducted by the data risk management firm Identity Theft 911, more than half of the respondents would provide personal information that is not needed to complete a transaction -- like a Social Security number -- despite being "very concerned" about the possibility of identity theft when shopping online. So to stay safe, keep these risks in mind.
Phishing mail. Email is still a significant concern, but hopefully one that you by now have learned to manage and mitigate. Phishing, for example, remains a huge illicit industry; according to security vendor Kaspersky, over 37 million people were attacked by phishing email last year. The remedy is simple. Don't click links in emails; always navigate to websites by typing the URL into your browser or use a stored favorite.
Delivery notification email. Fraudulent delivery notifications are on the rise. The scam: You receive a message that a delivery attempt was unsuccessful, and you should follow up for more information. Clicking a link will install malware that can steal personal information. You should know if you have a scheduled delivery, so ignore emails about mystery deliveries.
Fake holiday e-cards. Fake e-cards are a staple of the Internet, but during the holidays -- when people expect to receive them -- they are more likely to slip by people's radar. Hackers send bogus e-cards that often require you to open attachments or install software to view them. Instead, you get malware that can perform all manner of mischief, from ransomware to identity theft. The easiest solution? Simply don't open e-cards at all, especially if you don't recognize the sender or the card requires you to perform an action like installing software.
Skimmers. Not all risks are from the online world. Skimmers, for example, are devices that thieves can install on credit card readers -- like ATM machines and point of sale devices -- to read your credit card info without your knowledge. How do you protect yourself from this kind of risk? Skimmers are designed to be installed and removed quickly, which means they aren't a rigid and permanent part of the credit card reader. Before swiping your card, security vendor Sophos says that you should always look closely at the mechanism and give it a good physical wiggle. If you can remove it -- or if it doesn't seem permanent -- conduct your business another way.
Unsecured Wi-Fi. Be certain not to conduct financial activities -- like checking your bank balance or making a purchase at an online retailer -- when connected to a public Wi-Fi hotspot. It's far too easy for a hacker to silently collect all the data that you transmit in the open. If you do need to use public Wi-Fi, you should use a Virtual Public Network (VPN) service like Private Internet Access.
Compromised gift cards. Gift cards are a popular holiday gift, but many of the cards available for purchase online are scams -- either forgeries or stolen. The retailers who offer these cards don't lose anything, because they don't honor stolen or fraudulent cards. Gift cards available for sale at deep discounts on auction and discount sale sites are highly suspect, but even ones you buy in a retail store can be compromised. Identity Theft 911 says to buy gift cards from customer service counters: "Fraudsters can peel off stickers [at unattended racks] to glean gift card codes and wait for an unsuspecting shopper to buy them. Once purchased and activated, they enter stolen codes at the retailer website to make online purchases -- leaving the intended recipient with a useless card."
Photo courtesy Flickr user Tax Credits