Click here to download a list of tips for safer holiday shopping.
Shopping online is easy and convenient. Online sales are expected to grow another 11% - 15% this holiday season! Cybercriminals are always working on their next score, so avoid getting scammed by using these tips to help keep you safe while online shopping.
1. Use a password manager.
Password managers create and store your usernames and passwords in an encrypted vault. UC Berkeley offers FREE LastPass Premium. At a minimum, separate your work/University and personal accounts and make sure that your critical accounts have strong and unique passwords — and multi-factor authentication when available.
2. Charge it.
Pay by credit card, not debit card. Credit cards offer protections that may reduce your liability if they’re used without your authorization. Debit cards and wiring money typically do not have the same level of protection. A related tip is to use a separate credit card only for your digital transactions. While this won’t prevent theft, it will limit your exposure and make online fraud easier to detect. When possible, use payment gateways (Paypal, Apple Pay, Google Pay, etc.) so your credentials won’t be revealed to the merchant. Pay close attention to your bank statements and report to the bank immediately when there is a charge you don’t recognize.
3. Beware of gift card scams.
Use caution when buying or paying with gift cards because they lack safety measures and are prone to fraud. If an online seller or someone you don’t know insists on payment with a gift card (or with the numbers from a gift card), it’s likely a scam. Also, only buy gift cards from reputable sellers, reject any that are damaged or show signs of tampering, and save your receipts for proof of purchase.
4. Make purchases from known, reputable sources.
Make sure you know the identity of the seller. When you’re making purchases online, check the URL of the website and make sure it begins with https. Apps should always be downloaded from an official store and kept up to date - especially if you make purchases within the app. Less reputable apps can include malicious software ("malware") designed to steal credit cards and other sensitive information. After your purchase, always get a tracking number so you can monitor the shipping process. And beware of “undeliverable package” emails or texts. These are often scams. Always confirm the shipping status directly through the seller's website, not from a link or phone number in a text or email.
5. Don't respond to pop-ups or unsolicited texts.
Ignore pop-up offers and deals sent to you via text, email, or social media. Just delete them and don’t respond, click on any links, or call any phone numbers. Scammers are known to send offers that really are too good to be true, such as free gift cards or super low prices, in exchange for people’s personal or credit card information. Similarly, don’t respond to popups saying that you need to buy anti-virus software or software to “clean your infected computer.” These are all scams. If you are unsure whether something is a scam, go directly to the company’s website and use the contact information listed there to confirm.
6. Secure your devices.
Use a strong passphrase or biometric (fingerprint or facial scan) to log in, and set a timeout that locks your devices after a short period of inactivity. If you're limited to a simpler PIN, use at least six digits.
7. Don’t use public Wi-Fi.
When you’re on public Wi-Fi, never access or enter anything private. Accessing sports scores? Cool. Looking up the bus schedule? Fine. Accessing your bank account? Not so much. If you use a business's Wi-Fi, make sure to ask the owner for the exact name and password of the network to avoid connecting to a malicious imposter network.
8. Research before making donations.
Scammers often pretend to be legit charities to trick people into donations. When making a donation, make sure to research the individual or organization your money is going to. And only use the official, published website, not a link or phone number that someone sent you. Do not respond immediately if someone encourages you to donate over the phone, text, or on social media, as scammers can easily make fake caller IDs.
9. Be aware of pet scams.
During the holiday season, many people would also consider welcoming a new furry member to their families. Experts say 80% of sponsored pet ads might be fake. Whether you’re making a purchase or an adoption, research the breeder or shelter. Pay attention to the adoption fee you’re paying, and always see the pet in person before making a payment.
10. Report a scam or a fraud.
Use the bMail web interface to report phishing and other suspicious email sent to your Berkeley email account. If you're scammed on social media, consider reporting the scammer's account to the company: Facebook / TikTok / Instagram / eBay / Craigslist. The FBI also recommends reporting holiday scams to ic3.gov, the FBI’s Internet Crime Complaint Center (IC3). You should also contact your credit card company or your bank to dispute any suspicious charges.