Festive season online shopping:

How are you doing your shopping this Christmas? Online or through a bricks and mortar store?

According to an ING Direct survey of more than 1,000 people, 70% of Australians plan to do at least part of their shopping online.

Lisa McVeigh, a mum of three from the Canberra suburb of Fadden, says she’s one of them.

“Even in a relatively small place like Canberra, I have neither the time nor interest in getting along to a shopping centre.

“My kids are past the ‘visit to Santa Claus’ phase so I don’t have that reason to go anymore either!” she says.

“I will definitely be doing all my shopping online – in fact, I’ve already started.”

There’s even more of an incentive for people like Lisa to shop online this year with the introduction of Better Price Tags, a virtual shopping mall connecting customers with top online retailers.

“Better Price Tags takes shopping online to a whole new level,” says David Einstein, one of the co-founders. “It allows customers to earn money while they spend.”

Each time a purchase is made via Better Price Tags, the company share’s the retailer’s commission with customers as cash back deposited directly into the customer’s bank account. Mr Einstein said they have more than 800 online retailers for shoppers to choose from.

But there is one potential downside of our growing addiction to online shopping – identity theft.

According to Sean Duca of McAfee, the potential for identity theft increases as consumers share information across multiple devices are often not protected.

“Understanding criminals’ mindsets and being aware of how they try to take advantage of consumers can help ensure that we use our devices the way they were intended – to enhance our lives, not jeopardise them,” says Mr Duca.

To help consumers stay alert McAfee has identified the top ‘12 Scams of Christmas’

1.  Not-So-Merry Mobile Apps

Official-looking software for holiday shopping, including those that feature celebrity or company endorsements, could be malicious, designed to steal or send out your personal data. Criminals can redirect incoming calls and messages, offering them the chance to bypass two-step authentication systems where the second step involves sending a code to a mobile device.

2.  Holiday Mobile SMS Scams

FakeInstaller tricks Android users into thinking it is a legitimate installer for an application and then quickly takes advantage of the unrestricted access to smartphones, sending SMS messages to premium rate numbers without the user’s consent.

3.  Hot Holiday Gift Scams

Advertisements that offer deals on must-have items, such as PS4 or Xbox One, might be too good to be true. Clever crooks will post dangerous links and phony contests on social media sites, and send phishing emails to entice viewers to reveal personal information or download malware onto their devices.

4.  Seasonal Travel Scams

Phony travel deal links and notifications are common, as are hackers waiting to steal your identity upon arrival. When logging into an infected PC with an email username and password, scammers can install keylogging spyware, keycatching hardware, and more. A hotel’s Wi-Fi may claim that you need to install software before using it and instead infect your computer with malware if you “agree.”

5.  Dangerous E-Seasons Greetings

Legitimate-looking e-cards wishing friends “Season’s Greetings” can cause unsuspecting users to download “Merry Malware” such as a Trojan or other virus after clicking a link or opening an attachment.

6.  Deceptive Online Games

Before your kids are glued to their newly downloaded games, be wary of the games’ sources. Many sites offering full-version downloads of Grand Theft Auto, for example, are often laden with malware, and integrated social media pages can expose gamers, too.

7.  Shipping Notifications Shams

Phony shipping notifications can appear to be from a mailing service alerting you to an update on your shipment, when in reality, they are scams carrying malware and other harmful software designed to infect your computer or device.

8.  Bogus Gift Cards

An easy go-to gift for the holidays, gift cards can be promoted via deceptive ads, especially on Facebook, Twitter, or other social sites, that claim to offer exclusive deals on gift cards or packages of cards and can lead consumers to purchase phony ones online.

9.  Holiday SMiShing

During the holidays, SMiShing is commonly seen in gift card messages, where scammers pose as banks or credit card companies asking you to confirm information for “security purposes”. Some even include the first few digits of your credit card number in the SMS message to fool you into a false sense of safety.

10. Fake Charities

Donating to charities is common this time of year for many looking to help the less fortunate. However, cybercriminals capitalise on this generosity, especially during natural disaster events, and set up fake charity sites and pocket the donations.

11. Romance Scams

With so many niche dating sites now available to Internet users, it can be difficult to know exactly who the person is behind the screen. Many messages sent from an online friend can include phishing scams, where the person accesses your personal information such as usernames, passwords, and credit card details.

12. Phony E-Tailers

The convenience of online shopping does not go unnoticed by cyber scrooges. With so many people planning to shop online, scammers set up phony e-commerce sites to steal your money and personal data.

McAfee has the following safety tips:

ReviewApps

• Review mobile apps carefully before downloading. Check the comments section and confirm the app’s legitimacy directly with the parties that the software claims are involved.
• Double-check that the “download” button is legitimate when attempting to install new apps on your phone.
• Use antivirus software and learn more about FakeInstaller here.

Deals and Steals

• If an offer seems too good to be true, it probably is. Purchase directly from the official retailer rather than from third parties online.
• Do your best to verify “low” prices on this season’s biggest sellers.
• Check gift cards that you receive for suspicious misspellings in the sender’s name or the name of the card company itself. Double-check IP addresses on the sites you use for shopping and look at customer reviews to verify an e-tailer’s legitimacy.
• Always check the domain name on shipping notification alerts and be cautious of any that you receive when you have not sent a package or requested them.
• Only download or buy games from reputable websites.
• Check in with retailers about the legitimacy of a deal you see advertised and talk to your children about how to spot and avoid online potential scams.

Research Before Sharing

• Banking and credit card companies should never ask you for personal information via text message. If you receive such a message, contact your bank directly via phone, secure website, or in-person. Some other specific examples include:
• Log on to trustworthy dating sites when looking for love online and be wary about sharing personal information of any kind to websites or individuals you encounter online.
• Do background research on the charity you’d like to donate to and think before sharing any type of personal information on a website that looks suspicious.

Be Cautious When Traveling

• Before traveling, make sure that all of your software is up-to-date and run a virus scan. If you’re asked for a username and password after clicking a link, try using a fake input on the first login attempt. The extra few seconds it takes to load confirms that the page is actually looking for valid username/password combinations; scam sites will let you right in.