[Editor’s Note: This is the first part of a 2-part series about financial crimes over the holiday season. Part two will publish Monday.]
The holidays are a joyful time of the year, but it is also a time where local residents can have their accounts hacked and identities stolen.
Criminals take advantage of the seasonal chaos and people’s giving nature with scams and stealing of financial info.
“Individuals tend to not look at accounts closely (during the holidays),” says Sgt. Christopher Davis, supervisor of the Bossier Financial Crimes Task Force.
Instead, he says they may wait until after the dust settles in the new year to reconcile accounts and identify problem charges. By that time, it may be too late to contain damage that has occurred because of stolen passwords or personal information.
“I would check my accounts daily,” Davis advised.
Identity theft products can help minimize the effects of holiday shopping scams and helps to recognize and avoid scams in the first place.
Here are some common scams Davis said the community might see used by fraudsters this holiday season:
- Sham order confirmations
- Bogus shipping notices
- Shady email scams
- Cloned websites
- Disappearing packages
- Fake charities
- Unreal relatives in distress
- Sob stories on social media
Davis says during the holidays there could be an uptick in scams involving fake online orders. Victims usually receive an email that appears to be from a reputable retailer or a payment service, like PayPal, confirming a purchase.
“Your natural reaction is to say, ‘I didn’t buy that,'” Davis said. Scammers will have included a link in the email that people can click to dispute or cancel the order. He goes on to explain that after clicking on that link, victims will be asked to provide personal or payment information that will be used for identity theft or to make fraudulent purchases.
Davis urges shoppers that it they receive an email like this to not click any links in the email. Instead, go to the retailer’s main page, log into your account from there and check for any fraudulent activity.
A variation of fake order scams involves messages purportedly from FedEx, UPS or the Post Office that notify recipients of a delayed shipment. The message may include a link to track the package. However, Davis said that clicking the link could download a virus onto your computer. He says if you’re expecting a package, visit the merchant site to receive tracking information, rather than clicking a link in an email.
People need to be wary of all unsolicited emails they receive, since it’s easy for scammers to clone a website to make it resemble a site you know and trust. They may send you a sale coupon that, when clicked, takes you to a fake website that looks just like the real site The cloned site might simply ask you to log in and then redirect you to the real website so you never realize you were on a cloned page. Once a thief has your login credentials, he or she can access your account to make unauthorized purchases.
“It’s key to look for that lock symbol or the ‘https’ in the browser,” Davis said. “That indicates the site is secure. Also, pay attention to the URL address. Cloned site URLs will look similar to the site they’re replicating, but aren’t exactly the same. For instance, scammers might us a web address like Amazon-12345.com if they are trying to trick people into thinking they are on amazon.com.”
Phishing scams steal personal information by sending emails that look like official communications from trusted websites, but are actually forgeries.
Emails may direct people to download apps that look legitimate but are harvesting data from unsuspecting users instead. Other fake apps may use Open Authorization, known as OAuth, to connect to Google or Facebook accounts and access information there.
The best defense against phishing scams is to never click links in an email. Instead, manually type the web address into your browser to visit the site. That way, you can confirm whether a requested action is legitimate.