While online shopping is attractive and convenient, it’s important for you and your loved ones to be aware of potential dangers. Fraudsters are lurking with online shopping scams, such as fake web stores and pharming sites.
Suspicious web stores
With the ease of opening online stores, and the reach social media platforms provide, scammers are often lurking just around the corner. They may use familiar company names for legitimacy or offer hot products at a fraction of the price. However, the products you purchase may never arrive or may be much lower quality than expected. When shopping online, use the following tips to keep from becoming the next victim:
- Do your research. Search for the company name and product with words like “rip-off,” “complaint” or “scam” to see what others are saying. Seek out seller reviews from multiple trusted sources and impartial experts. Be wary of phony or paid for reviews when limited reviews are available.
- Devil in the details. Review terms and conditions before a trial or subscription purchase. If you can't find them or can't understand exactly what you're agreeing to – beware.
- Keep an eye out. Monitor your bank and card statements regularly. If you’re charged for something you didn’t order, charged more than expected, or see repeat charges, file a dispute as soon as possible with your financial institution. It's also a good idea to see if your financial institution has an app, like Old National's ON Guard, that enables you to turn your debit card off if someone is using it to make purchases.
- Limit your losses. Use a payment method with limited liability regarding fraud or theft. Avoid paying with ACH, wire and gift cards, because these methods are like giving cash and reduce the ability to recover stolen funds.
By now you probably have heard of phishing, but you may not be aware of pharming. Pharming is the practice of directing a user to a bogus website that appears to be a legitimate one. Scammers will guide a target unknowingly to pharming sites after they fall victim to phishing and/or malware campaigns. These sites can capture a user’s login information, security codes, PINs and other personal information. Consider the following advice to help protect your personal information:
- Be skeptical. If something doesn’t look or feel quite right, be suspicious. It may be as simple as a layout looking off, misspelled words, a minor URL difference, or something as intrusive as a site asking for sensitive information you’ve never had to provide before.
- Don’t get phished. Phishing e-mails use familiar company names and provide links to send you to their pharming sites. Good practices are to be alert for questionable senders of emails, never click suspicious links, and be wary of threatening or urgent messages trying to get you to take action. When in doubt, call the company directly using a legitimate, known number (not a number provided in the email itself) and confirm that they did in fact send the email.
- Keep up to date. Make sure updates are current for all your software, applications and operating systems and consider using automatic updates. In addition to new exciting features, these updates also close security holes attackers use to compromise your devices.
- Don’t catch a bug. Use comprehensive anti-malware and antivirus solutions to help keep your device healthy. If you can install or remove applications on your computer, you are using an “administrator” account. Web browsing as an administrator can lead to increased and more complex infections if a virus takes control. Consider creating and logging in with a basic account (i.e. standard user account) for surfing the web and to perform daily activities.
Enjoy the convenience of shopping online, but stay safe.
For additional steps you and your family can take to reduce your risk of fraud and identity theft, visit the Old National Security Center or the FTC Consumer Information site.
More ways to avoid being a victim of fraud
Find more articles and videos about detecting scams and protecting yourself from financial fraud.
Kyle is a Senior Analyst with Old National’s Information Security team, responsible for protecting the bank and its clients from cybersecurity risks. He joined Old National in 2005 and has worked in various compliance, security and third-party due diligence roles.
Copyright © 2020 ONB