As people around the country inundate websites on Cyber Monday to get the best deals on all of this season’s holiday gifts, it is important to remember that scammers do not take the holidays off.
With credit card numbers and personal information being shared through web browsers and mobile and work devices, it is important for people to be vigilant when making their purchases to prevent them from becoming the victim of cybercrime.
According to Shelley Winter, Vice President of Technology at First State Bank & Trust, a relatively new mobile device scam that is making the rounds this holiday season is gift card smishing.
“It starts with someone receiving an unsolicited text message directing them to a dummy website where they have allegedly won a gift card to say Target, Hy-Vee, Walmart, Best Buy and other places like that,” she said. “When you get to the site, instead of a gift card, the site asks for personal information and that of your closest friends.”
The purpose of the gift card smishing scam is to lure you into providing account information – such as logins, passwords or card card numbers – by clicking on a link that takes you to a website.
Scammers also use smishing to confirm that someone’s cell phone number is real, which can then be compiled into a list and sold to other scammers.
“So then if you respond to the text you are confirming that your cell number is real, which scammers then compile into a list and sell on the black market to other scammers,” Winter said. “It is just a random thing, you have people out there that have software that can generate thousands of texts per minute and they send it out and hope that someone responds. If you get a text on your phone that is too good to be true, then it probably is.”
Another cybercrime that scammers use to target holiday shoppers is malware in the form of e-mails sent by delivery companies likes FedEx and UPS.
“A lot of times people will get malware into their computers because at this time of year we are all looking for the package coming into our houses,” Winter said. “So it could be an e-mail that appears to be from FedEx or UPS that claims your package has a problem and cannot be delivered. Usually they want you to click on the link and once you open it your computer gets infected, or there is ransomware which holds all of your files hostage.”
According to Winter, scams like gift card smishing and other forms of identity fraud can be avoided by following certain guidelines like: making sure links are secure, using a passphrase that is alphanumeric, and being weary of sites that are asking for things like your social security number, or bank routing number.
“Make sure that you don’t need to give them all of your information, they might want your email and your credit card number and how you are going to pay, which makes sense,” she said. “But when they start asking for your social (security number) and other confidential information that only you should know, those are red flags.”
Other steps to take include making sure that your home Wi-Fi is secured with a password, and that you do not make purchases on public computers.
“Make sure you are not using a public computer to make purchases because information can be stored and people that know what they are doing with computers can get that information,” Winter said.