Sales generated from online shopping in the United States are expected to reach $207 billion USD during the 2021 holiday season, according to Adobe. While this time of the year often draws increased attention from criminals due to an influx of cyber deals, package deliveries and overall consumer spending, it does not mean we are free to let our guard down for every other month on the calendar.

Annually, cybercrime grew by a whopping 20 percent in 2020, reaching more than $4.2 billion in reported losses based on the FBI’s Internet Crime Report.

While the holiday online shopping season may be a good time to evaluate your personal cyber security and privacy posture, as well as cyber threats and available insurance coverages, consider incorporating these three tips to help protect your online activities all year round.

How to Uncover Fraudulent Websites

One of the most prominent scams impacting consumers is the non-payment/non-delivery method, which accounted for $265 million in victim losses according to the FBI’s Internet Crime Report. In a non-delivery scam, a buyer pays for something they find online, but the item is never shipped by the fraudulent merchant. This type of fraud is typically carried out in two different ways – both of which generate the same result – loss of money and no delivered goods/service to the buyer.

With the first, scammers will purchase domains that mirror legitimate retailers and clone the website content to make it virtually impossible to distinguish between the two based on appearance alone. The second is in the form of an unknown business with no track record. A red flag with each approach will be in the deep discounts of the products being advertised. However, this may be more difficult to uncover in a sea of Black Friday or Cyber Monday deals.

This is where a little detective work should be applied by taking a look behind the curtain of the website. Navigate to whois(dot)com and click on the “whois” tab at the top of the site. This will allow you to conduct a domain lookup of the online retailer prior to making any purchases. A domain lookup allows anyone to see when a website was established, who owns it, and what country it is registered in, among other details. This search will allow you to uncover important details about the website that are not evident by visiting the site itself.

Warning signs of a scam site will be registration to a foreign country, especially if the business is portrayed as a U.S.-based entity. Another scam indicator will be a newly registered website (typically less than a year old). New scam sites pop up with the sole purpose of inflicting as much damage as possible before too many complaints begin appearing online. This will be particularly telling if the site is impersonating an established brand. Go a step further by entering the name of the company in an online search alongside “scam” or “customer reviews” to see what results are generated.

Protect Your Online Payments From Online Shopping Scams

Raise your hand if you had a new payment card issued in the last 18 months because of a data breach. In the same FBI crime report mentioned, credit card fraud topped $130 million in 2020 – an increase of 17 percent over the prior year. The next time you are online shopping, consider using a virtual card or masking service in place of your actual card details.

A virtual card can provide a layer of privacy and security to allow online shoppers to conceal the credit card’s actual information when making a purchase. This method works by generating a unique number, expiration date and security code as a substitution. These cards can be set up in a few different ways to offer valuable protection for consumers.

One option is to create a one-time use only card. Another method is to create merchant-specific cards. In the event a merchant becomes compromised, your virtual card number will not be usable anywhere else. Some of the services can also allow for spend limits to be set for each virtual card.

These methods all provide greater protection from online shopping scams and reduce your risk for falling victim to payment card fraud.

Behind the Mask: Business Imposter Scams

Recent data from the Federal Trade Commission indicated consumers lost $1.6 billion from business impersonation scams from January through September 2021. Those in the age group of 30-39 experienced the most significant losses compared to any other age category, with $160 million in reported fraud losses. These scams will ramp up during the holiday season particularly in the form of package delivery notices and order notifications.

It may be tempting to respond to a text message informing you of an unexpected $100 order on your Amazon account or an email from FedEx allowing for package delivery tracking, but do not. Never respond to unsolicited communications meant to provoke immediate action (clicking a link, opening an attachment, or providing sensitive information). Always log in to your account directly to verify purchases or call your service provider with the number provided on the company website or on the back of your payment card. Never engage through the initial call, email or text message, no matter how urgent the message may appear.

While cybercrimes tend to run rampant this time of year, you can ensure a safe and happy holiday season by uncovering fraudulent websites, protecting your online purchases, and identifying impersonation scams. It is important to follow best practices and guidelines while remaining vigilant—now and throughout the entire year.

Written by David Derigiotis and Burns & Wilcox