Con Watch: 7 Tips for Safely Shopping Online
Steve Weisman is a lawyer, college professor, author and one of the country’s leading experts in cybersecurity, identity theft and scams. See Steve’s other Con Watch articles.
Online shopping is expected to be bigger than ever during this upcoming holiday season. RetailMeNot predicted a 47 percent increase in consumer spending from last year for the Black Friday weekend. Unfortunately, online shopping is also popular with scammers and cybercriminals who set traps for unwary shoppers.
Here are 7 tips for avoiding online shopping scams and lowering your risk of identity theft.
1. Be on the lookout for fake websites. Scammers are adept at constructing phony websites to sell shoddy or even nonexistent items. Often, in an effort to trick you into trusting them, these websites appear to be from legitimate retailers. Here are some tips to help you avoid the fakes:
- Be wary if the price for a high-demand product looks too good to be true. As always, if it looks too good to be true, it probably is.
- Watch for spelling and grammar mistakes on the website. Many of these phony websites are set up by scammers whose primary language is not English.
- Go to www.resellerratings.com to investigate whether a retail website is legitimate. The site offers reviews about particular merchants. If the retailer’s website is not listed or has bad reviews, you should avoid it.
- Confirm that a website is really that of a major retailer by visiting www.whois.com/whois/, which shows the actual owner of the website. If it doesn’t match who it should be, you know not to trust the website.
2. Look for https. Never provide credit card or other sensitive information on a website unless the domain name begins with https. The extra s at the end of http stands for secure and means that your data is being encrypted when it is being transmitted.
3. Use a credit card — not a debit card — for online shopping. The laws pertaining to fraudulent use of your credit card limit your personal liability to no more than $50, and most credit card companies won’t charge you anything for fraudulent use. However, if your debit card has been compromised by an identity thief, you can lose the entire bank account tied to the card if you do not report the crime promptly. Even If you do report the theft of your debit card promptly, your access to your bank account will be frozen while the bank investigates the crime. Note that while the newer EMV chip credit cards have reduced much retail credit card fraud, the chip doesn’t provide any additional benefit when shopping online.
4. Don’t leave your credit card on file with an online retailer. Although it may be convenient to leave your credit card number on file where you regularly shop, doing so puts you in danger of credit card fraud and identity theft if there is a data breach. If you do not choose to keep your credit card number on file with the online retailer, they are not allowed to store it.
5. Consider using a temporary credit card number for online shopping. Purchases will be charged to your regular credit card number, but even if the temporary number falls into the hands of an identity thief, it cannot be used to access your credit card. You can get a temporary card number from your credit card issuer. A potential drawback to using a temporary credit card number is that using one can make returning goods or getting a refund on a purchase more difficult later when you may have to confirm your credit card number.
6. Don’t use public Wi-Fi to shop. The ease with which public Wi-Fi may be hacked was shown in 2015 when, as part of an experiment, a 7-year-old girl needed only 10 minutes and 54 seconds to hack into a public Wi-Fi system. If you do use public Wi-Fi, be sure to take the following precautions:
- Equip your computer, laptop, tablet, or smartphone with security software.
- Keep your security software updated with the latest security patches.
- Turn off sharing in your device settings.
- Consider using encryption software so that your communications are encoded.
- Consider using a Virtual Private Network (VPN), which enables you to send communications through a separate private network while you are on a public network.
7. Don’t click on links in unsolicited emails. The links in these emails or text messages may be tainted with malware that will steal the personal information from your computer or phone and use it to make you a victim of identity theft. The best course of action if you receive such an email or text message that interests you is to go directly to the retailer’s website. If the offer is legitimate, you will find it there.
The IRS Has a Secret Admirer
Ever since I was a kid and read that Al Capone was arrested for tax evasion, I have feared the Internal Revenue Service. Think of it, Al Capone had killed a zillion people, and while the police were trying to find proof to arrest him for murder, a skinny nerd with a green eyeshade nailed Capone for tax evasion. Insofar as it is possible, I try never to irritate the IRS.
In an effort to stay on the good side of the IRS, I’ve offered them several suggestions to keep them in the black. For starters, since I’m self-employed, I have to pay my income taxes four times a year. I always forget to pay until the day they’re due and end up paying with a credit card so I don’t get arrested and sent to Alcatraz like Al Capone. I use a Kroger credit card, but if the IRS had a credit card, I would use theirs. Credit card companies make $20 billion a year, give or take a few, and it’s time the IRS got a piece of the action. Using an IRS credit card could earn points toward a tax deduction. If you ratted out your tax delinquent neighbor with the barking dog that poops in your yard, you could get bonus points. It was a great idea, but the IRS hasn’t responded.
Or, consider a lottery play: Powerball recently hit $587.5 million. Two families split the money. Chances are good they’ll do something stupid with it and ruin their lives. Since the lottery and the IRS are both run by the government, it makes sense for the lottery to rig it so the IRS wins. For a $2 investment, the IRS could have made $587.5 million. Before long, the government would be awash in money, free of debt. I sent this suggestion to the IRS, but nothing came of it.
They also didn’t respond to my suggestion they buy metal detectors and hit the beaches on the weekend. There have been thousands of shipwrecks over the years, most of them involving ships filled to the brim with gold doubloons. Nic Davies of Shrewsbury, England, in his first venture out with a metal detector, found 10,000 ancient Roman coins buried in a clay pot. Officials estimate they’re worth a billion zillion dollars. Personally, I don’t care for treasure hunters because they dig holes, don’t bother to refill them, and I fall in them and break my legs. But if the IRS agents found enough buried money so we wouldn’t have to pay taxes anymore, I’d learn to cope.
In that same vein, the IRS could send its employees out to garage sales to buy Van Gogh paintings hidden underneath dogs-playing-poker pictures. A half dozen times a year I hear of someone doing this. It’s a great way to make some fast money, but when I wrote the IRS, there was no reply. Nothing. Nada. Zip. It’s no wonder our country’s coffers are empty.
To hear people talk, you’d think the IRS was invented by Adolf Hitler. In fact, it was created in 1862 by Abraham Lincoln to help pay for the Civil War. In nearly every presidential poll, Lincoln ranks as our favorite president. The Republicans refer to themselves as the Party of Lincoln, because, if they called themselves the Party of the IRS, they’d never win another office. Don’t get me wrong, I love and admire the IRS and wish them nothing but the best.
We are fast approaching another April 15, my favorite day of the year. Most people hate that day, but not me. (Did I mention my admiration for the IRS?) I’ll spend the weeks leading up to it carefully going over my financial records, making sure to report every dollar I’ve made in the past year, even the $50 my mom and dad gave me for Christmas. If you happen to work for the IRS, I know you’re busy checking everyone’s return. Save yourself the time and trouble, and don’t give mine a second glance.