In advance of the holiday season, the FBI is reminding shoppers to beware of cyber criminals and their aggressive and creative ways to steal money and personal information. Scammers use many techniques to fool potential victims, including fraudulent auction sales, reshipping merchandise purchased with a stolen credit card, sale of fraudulent or stolen gift cards through auction sites at discounted prices, and phishing emails advertising brand name merchandise for bargain prices or emails promoting the sale of merchandise that ends up being a counterfeit product.
Fraudulent Classified Ads or Auction Sales
Internet criminals post classified ads or auctions for products they do not have. If you receive an auction product from a merchant or retail store rather than directly from the auction seller, the item may have been purchased with someone else’s stolen credit card number. Contact the merchant to verify the account used to pay for the item actually belongs to you.
Shoppers should be cautious and not provide credit card numbers, bank account numbers, or other financial information directly to the seller. Fraudulent sellers will use this information to purchase items for their scheme from the provided financial account. Always use a legitimate payment service to protect purchases.
Diligently check each seller’s rating and feedback along with their number of sales and the dates on which feedback was posted. Be wary of a seller with 100 percent positive feedback if they have a low total number of feedback postings and all feedback was posted around the same date and time.
Gift Card Scam
The safest way to purchase gift cards is directly from the merchant or authorized retail merchant. If the merchant discovers the card you received from another source or auction was initially obtained fraudulently, the merchant will deactivate the gift card number and it will not be honored to make purchases.
Phishing and Social Networking
Be leery of emails or text messages you receive indicating a problem or question regarding your financial accounts. In this scam, you are directed to follow a link or call the number provided in the message to update your account or correct the problem. The link actually directs the individual to a fraudulent website or message that appears legitimate; however, any personal information you provide, such as account number and personal identification number (PIN), will be stolen.
Another scam involves victims receiving an email message directing the recipient to a spoofed website. A spoofed website is a fake site or copy of a real website that is designed to mislead the recipient into providing personal information.
Consumers are encouraged to beware of bargain emails advertising “one day only” promotions for recognized brands or websites. Fraudsters often use the hot items of the season to lure bargain hunters into providing credit card information. The old adage “If it seems too good to be true, it probably is” is a good barometer to use to legitimize emails.
Scammers try to prey on Black Friday or Cyber Monday bargain hunters by advertising “one-day only” promotions from recognized brands. Consumers should be on the watch for too good to be true emails from unrecognized websites.
Along with online shopping comes the growth of consumers using social networking sites and mobile phones to satisfy their shopping needs more easily. Again, consumers are encouraged to beware of emails, text messages, or postings that may lead to fraudulent sites offering bargains on brand name products.
Here are some tips you can use to avoid becoming a victim of cyber fraud:
- Do not respond to unsolicited (spam) email.
- Do not click on links contained within an unsolicited email.
- Be cautious of emails claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders. Always run a virus scan on attachment before opening.
- Avoid filling out forms contained in email messages that ask for personal information.
- Always compare the link in the email to the web address link you are directed to and determine if they match.
- Log on directly to the official website for the business identified in the email, instead of “linking” to it from an unsolicited email. If the email appears to be from your bank, credit card issuer, or other company you deal with frequently, your statements or official correspondence from the business will provide the proper contact information.
- Contact the actual business that supposedly sent the email to verify that the email is genuine.
- If you are requested to act quickly or there is an emergency, it may be a scam. Fraudsters create a sense of urgency to get you to act impulsively.
- If you receive a request for personal information from a business or financial institution, always look up the main contact information for the requesting company on an independent source (phone book, trusted Internet directory, legitimate billing statement, etc.) and use that contact information to verify the legitimacy of the request.
- Remember if it looks too good to be true, it probably is.
To report online scams, file a complaint with the Internet Crimes Complaint Center at www.ic3.gov.