A couple of years ago when some 40 million credit cards were breached at Target's brick-and-mortar stores, I frantically tried to recall if I had done any holiday shopping at my neighborhood store. Thankfully I hadn't, but my relief was short-lived. That was a close call and a mere swipe away to having my own data, financial and personal, my very identity, stolen.
This year, along with so many of my fellow gift givers, I will do much of my shopping online during the holidays either on my PC or cell phone. In fact, one-third of us will use our mobile devices to buy buy buy, despite the enhanced risk of identity theft. You just can't beat the ease and convenience of the online shopping experience, including delivery to your front door. No waiting in long lines. No fighting other customers for the last Elmo. Vast global inventories at your itchy fingertips. Best of all, shopping can be enjoyed on your schedule, 24 hours a day, seven days a week.
Online shopping is here to stay, and according to marketingadept.com, a stunning 92 percent of us will go online to either research or shop for gifts this season. Unfortunately, this trend is catnip to hackers who are determined to outwit online merchants and steal our precious consumer data.
Merchants assure us that our data is safe with them, but deep down, we know cyber security is not a perfect science. It's getting better all the time, but our data is not completely safe in some impenetrable steel vault. We know determined hackers can blow up security systems and algorithms and codes. Accounts can be hacked, no matter how many firewalls are raised. In 2014 alone, Neiman Marcus, Home Depot, Chase, Staples, and even Goodwill were among the many mega companies that were breached.
We cannot completely depend on merchants to protect our data, nor should we. It's also our responsibility to reduce the risk of identity theft. The first step to enjoying secure, safe online transactions is becoming aware of the many ways hackers and thieves can get the drop on you. Then we can put on our armor to protect ourselves.
Antidotes to hacker cons
CNBC.com contributor Herb Weisbaum (@TheConsumerman) exposed a few "naughty online holiday scams." For example, the digital holiday greeting card you just received via email may have been from a "friend" spambotted from one of your social media accounts. The card could be a Trojan Horse in disguise, delivering viruses and malware directly to your device. Weisbaum says, "Don't click the links in the body of an email alerting you to an e-card and don't open any attachment." There should be a card number listed in the email. Go directly to the greeting card site and paste the number there to be on the safe side.
Hackers count on you opening your email and clicking on those too-good-to-be-true sales promotions and banner ads for Cyber Monday and Black Friday. Sure, they link to sites--that identity thieves created for the sole purpose of hacking your private information. If I don't recognize the vendor on the subject line, I automatically delete the email and send it to the spam file. I don't click links. I also trust my gut. I've received emails impersonating vendors, but knew right away they were attempting to hack me. How? Misspelled words, poorly written copy, and grainy looking logos!
The holidays are the most important time of year for philanthropic giving. Unfortunately, fake online charities, toy drives, and santas are busy scheming to tug at your heartstrings and steal your money and information as well. AARP suggests you "donate to charities you know." If you're interested in giving to a new organization, do your homework first. Check with the Better Business Bureau or charitynavigator.org.
Be smart, safe
Take personal responsibility for your safety and privacy online by taking action on the following list of best practices.
- Most online merchants give customers more than one way to pay. The safest method is using an online payment provider such as PayPal or Google Wallet. This way, the merchant does not receive your private information. Online payment providers offer a secure buffer between you and merchants.
- Conduct your online shopping only on your own PC or mobile device that only you have access to. Do not purchase products on public PCs in libraries, hotels, restaurants, etc. Do not use a friend's device to shop.
- Limit public Wi-Fi use because open networks are easy to hack. However, if you must (and you really shouldn't), make sure to delete the cache, all cookies, identifiers (e.g., passwords), and history.
- Do not share your personal or financial information with anyone online. Do not share your passwords.
- Share these best practices with loved ones who might be vulnerable online: children and seniors. Talk to them about how to be safe on the Internet. Let them know about some of the holiday scams that continue to claim unaware, uneducated victims.
Shopping safe and smart online is not just behaviors taken--it's a mindset. Be vigilant. Never be lazy about your privacy. Now shop until you drop!