Saturday, May 15, 2021

Beware the Online Shopping Grinch

The term “Cyber Monday” entered the lexicon as the Internet’s answer to “Black Friday,” the day after Thanksgiving and the traditional kick-off of the holiday shopping season.

On Cyber Monday, Americans return to work after the Thanksgiving holiday. Still nursing a tryptophan hangover, they hunker down at their office computers and start their holiday shopping — gobbling up company time in the process.

Throughout this holiday season, experts are predicting that more people than ever will duck the malls and shop with their computers. But the comfort and ease that make online shopping so appealing have a dark side.

But like moths to a flame, spammers, phishers and all manner of other cyber criminals rush to the Internet during the holiday shopping season to prey on unsuspecting shoppers.

“The bad news is that criminals are not going away,” Tim McDowd of Microsoft’s Trustworthy Computing Group, told “The good news is that there are things you can do to protect your PC,” as well as commonsense practices to guard against online criminals.

Cyber criminals are adopting the tactics of legitimate retailers as they try to trick consumers. More online retailers are offering free shipping and other promotions to draw shoppers to their sites. A recent study from Microsoft and Harris Interactive found that “63 percent of online shoppers would open an e-mail or click on a link from an unknown retailer during the holiday season if it offered free shipping, and 59 percent would do so for special discounts.”

The same study found that slightly more than one-quarter of online adult Internet users has fallen prey to a scam while shopping online. Given that scammers are getting better at passing themselves off as legitimate merchants, how can consumers tell who’s for real and who’s bogus?

Fortunately, there are things online shoppers can do to make their holiday experiences safer.

  1. Too good to be true?
  2. “The very key thing: If an offer looks too good to be true, it probably is,” McDowd said. These e-mails are often phishing scams, where the link connects to a site that downloads some type of malicious software onto the computer without the user knowing.

  3. Look for professionalism
  4. Misspellings and typos in e-mails are a dead giveaway. Also, when visiting an online store, look for a privacy policy. Any legitimate e-commerce site will have one.

  5. Check for signs of encryption
  6. In the site’s URL, look for “shttp” or “https,” which indicates that the purchase is secured or encrypted. Encryption scrambles your credit-card number and other data that you submit to guard against a hacker intercepting it en route. The closed padlock in the browser’s status bar is also a sign of encryption.

  7. It’s cyberspace, not outer space – Earth rules apply
  8. McDowd warns that online criminals are becoming more sophisticated, increasingly including logos and other graphics in their e-mails that convince recipients that the sender is legitimate.

    However, no legitimate organization will ask consumers to update their information online, he said. Just as you wouldn’t give out your Social Security number to someone who calls your house claiming to be from a credit bureau, don’t respond to e-mails asking for personal or account information.

  9. Consider the sender
  10. One cunning scam that McDowd said is on the rise involves online greeting cards. Just as with other phishing scams, an e-greeting message will have a link for users to click that might take them to a site where they will be exposed to malware.

    The commonsense rule is harder to apply here, because an e-mail simply alerting recipients that someone has sent them an e-card from American Greetings seems innocuous enough, unlike the too-good-to-be-true offers from faux retailers. The best defense is to not click the link unless the e-card comes from someone you know.

  11. Fine-tuning
  12. Now is a good time to tune up the junk mail settings in your e-mail to filter out messages from known spammers and phishers.

    And don’t forget your operating system. Make sure it’s updated and enable automatic updates to receive the latest security updates.

    And finally, use a credit card to make purchases rather than a check card. Consumer loss is generally more limited with credit cards if the account is used to make fraudulent purchases.

    This article was first published on

Similar articles

Latest Articles

How IBM has Changed...

Think is IBM’s big annual conference, and again this year, it was digital. I’m noticing a sharp quality difference in shows like this where...

Database-Tuning Platform Launches and...

PITTSBURGH — A team out of Carnegie Mellon University is launching its automatic database-tuning product today with the help of $2.5 million in funding.   OtterTune,...

Top 10 Professional Services...

Professional services automation (PSA) software aims to offer service-based companies most of the software they will need to run their businesses in one package....

What is Data Aggregation?

Data aggregation is the process where raw data is gathered and presented in a summarized format for statistical analysis. The data may be gathered...