Tis The Season For Online Shopping…Avoid Fraud and Scams With These Tips

631

By Christina Johnson
HAZLET – If you buy or sell things from individuals over the Internet and want to meet them somewhere, you can give them the address of the Hazlet Police Station.
A Safe Exchange Zone has been established in the side parking lot, next to their headquarters on Middle Road, which never closes. Buyers and sellers can safely meet up there to do their business. The area is secure, brightly lit, and under video surveillance.
“You’ll see people exchanging all day,” said Lt. Scott Mura. “It’s not like meeting in a dark alley. You don’t want people you don’t know going to your house.” He said the police department has not had any issues with the zone since it was created in August. Internet purchase safe exchange zones have also been set up in Freehold Borough, Ocean Township and Marlboro and in places around the nation.
According to the National Retail Federation, American consumers plan to spend an average of $935 during this year’s holiday shopping season. Holiday sales are projected to increase 3.6 percent during November and December and online sales are expected to increase between seven and 10 percent from last year, to as much as $117 billion.
That’s why it’s a good time to review tips from the state’s New Jersey Cybersecurity and Communication Integration Cell to avoid fraud. There is also a wealth of information at cyber.nj.gov. Here is the state’s advice:
Proceed with caution at retail locations that do not accept Chip-card transactions.

  • If you encounter a point-of-sale terminal with a note covering the slot saying “no Chip cards” or “must swipe”, consider using cash instead of a card – or, consider a smartphone payment option such as Apple Pay or Android Pay.
  • If cash or smartphone payment is not an option, use a credit card as opposed to a debit account. If your debit card information is compromised in a data breach, criminals can drain your checking account with no guarantee you will recover all of the funds.

Enable transaction notifications through online banking and smartphone apps.

  • Set up alerts with your bank and credit providers to be notified in the event of unauthorized transactions or certain activities, such as charges over $100.
  • Many financial institutions now offer the option to receive a text message or smartphone app alert every time a transaction is charged to your account.

Take advantage of credit monitoring or identity theft insurance, when offered.

  • If your data was compromised in one of the many breaches that occurred over the last two years, sign up for any free credit monitoring or identity theft insurance services offered by the company. If you are eligible for coverage, you should have received a letter in the mail with information. You can always search for past data breaches by querying a search engine for the company name + “data breach”.
  • For additional information, visit the Identity Theft Resource Center at idtheftcenter.org.

Enable two-factor authentication (2FA) on all financial, email, and online shopping accounts.

  • If a website offers 2FA, be sure to enable it as it will prevent criminals from gaining access to your accounts, even if they obtain the password.
  • Check out this site for an extensive list of websites that offer 2FA: https://twofactorauth.org

Perform basic “cyber-hygiene” on all devices used for shopping, banking, etc.

  • Keep your operating system and all software applications updated.
  • Download antivirus/antispyware software and set it to update automatically.
  • Confirm that your firewall is enabled and configured to a secure setting.
  • Secure your home Wi-Fi signal with a strong password.
  • Remove any unnecessary software/apps and avoid downloading apps from untrusted sources.
  • Check out “Ten Ways to Improve the Security of a New Computer” from the US –CERT website.

Look for “HTTPS” and a lock symbol in the URL field of your browser when shopping or banking online.

  • The “s” in “HTTPS” stands for “secure” and indicates that communication with the webpage is encrypted.
  • Do not enter any login credentials or personal/financial information into any website that does not display this security feature.

Never use public computers or public Wi-Fi for online shopping.

  • Public computers may be infected with malicious software designed to steal your payment information and website login credentials.
  • Open and unsecure public Wi-Fihotspots can allow criminals to intercept network traffic and steal credit card numbers and other confidential information.
  • Ensure your home Wi-Fi is securely configured, tips from the NJCCIC can be found at cyber.nj.gov.

If possible, opt for using credit cards instead of debit cards for shopping transactions.

  • While both payment methods pose risk if compromised, debit cards do not carry the same consumer protections as credit cards, which limit the victim’s liability in the event of fraudulent charges. Also, it can take longer to recover funds stolen from a debit account, and in some circumstances there is no guarantee that that all funds will be returned to the victim.
  • Choose one credit card to do all or most of your holiday shopping to make reviewing for unauthorized purchases easier.
  • Use the chip-and-PIN option when available or consider using a mobile payment option. More information on these options are detailed in the NJCCIC blog at nj.gov.

Always use complex passwords and challenge questions on accounts.

  • Tips for creating secure passwords can be found on the NJCCIC website.
  • Use different passwords for different websites; don’t use the same password across multiple accounts, particularly those that store your financial information.
  • Make sure that your answers to challenge questions cannot be discovered via social media or public records websites (pet’s name, mother’s maiden name, hometown, etc.).

Never click on suspicious links, pop-up advertisements, or open unsolicited attachments.

  • These are often used by attackers as a way to deliver malware onto your computer or mobile device.
  • If you receive an unexpected link or attachment from a known sender, contact the sender to verify.
  • Pop-up advertisements as well as ads on web pages can deliver malware – dubbed malvertising.

Beware of telephone and Internet scams and offers that sound too good to be true.

  • Never click on links or advertisements claiming to give away expensive gifts and prizes. Chances are, these are links to malicious websites.
  • Attackers will take advantage of the holiday season by sending phishing emails with images of seemingly legitimate coupons for popular retail stores that are embedded with or link to malware.
  • Do not forward chain letters or share social media status updates that promise a reward after so many “shares” or “likes.”
  • Avoid shopping on unfamiliar websites that offer luxury goods at unusually low prices.
  • Never provide your personal or financial information over the phone or via text messages.
  • Never reply to any text message requests for validation codes, attackers are using this tactic to gain unauthorized access to personal accounts.

Report any suspicious activity or malicious cyber activity.

  • Businesses: If your business is the victim of a cyberattack or breach, contact the NJCCIC as soon as possible.
  • Citizens: If you are the victim of identity theft, financial fraud, or malicious cyber activity, report it to your local police department immediately and obtain a case number.
  • Consider reporting cyber incidents to the FBI IC3 ic3.gov/complaint.
  • For identity theft, contact the three credit bureaus and file a report with each of them.
  • Consult the New Jersey State Police identity theft online reference guide for more information.

RELATED ARTICLESMORE FROM AUTHOR