Kamala Harris

In preparation for the holidays, consumers will soon flock to stores and websites to shop for gifts, décor, and more. Unfortunately, during this time of year, there is also a significant increase in fraudulent scams and identity theft, both on and off-line. Attorney General Harris offers these tips to help consumers be more vigilant and secure as the shopping season kicks off:

Tips for Safe Shopping

Review your bank and credit card statements frequently for unusual transactions. Call your bank or credit card company to immediately report any suspicious activity.

In the event of a security breach involving your debit or credit card, monitor your account and contact your bank promptly if you see any suspicious transactions. If you have been breached, you are also entitled to place a free initial fraud alert with one of the three national credit reporting companies (Experian, TransUnion, and Equifax); the reporting company must then notify the other credit reporting companies of the potential fraud.

If the security breach involves your debit card, the best way to protect yourself is to immediately cancel the card and get a replacement card with a different number. Your bank will assist you in this process.

If you receive a call from your credit card company that requests you to verify your account information for security reasons, ask to call the credit card company back and then call the telephone number listed on your credit card.

Shipping e-mail scams are becoming increasingly common. Be wary of e-mails that appear to be from shipping companies that contain an attached file; this is a good indication that you have received a fraudulent e-mail that contains a virus. Also, during the holiday season, theft of packages becomes more common. If you do not have a secure area for delivery companies to leave a package, consider requiring a signature for packages or having packages held for pickup at a nearby shipping center.

Parents and grandparents should be wary of scam artists who pretend to be a child or friend of a child who has encountered a medical or legal emergency and needs money immediately. Scammers are able to get personal information from social media to make the calls sound legitimate. A good way to avoid this situation is to have a secret word the child would use in an emergency situation.
Scammers can use handheld scanners and counterfeit credit cards to use gift cards that they do not actually have. Only buy gift cards that are kept behind the store’s customer service counter or activated upon checkout. Before buying the card ask for it to be scanned to show that it is fully valued.

Online Safety Basics for the Holidays

Say “no” to bad websites. A secure website always has a padlock icon and “https” in the web address (aka the URL” at the top of the page). If you doubt the site’s trustworthiness, move on!

Also, do not create an online account with a merchant you don’t trust. If you have doubts, look for the online seller’s physical address and phone number in case there’s a problem.

Say “no” to strange apps. Scammers can use mobile apps and games to hide malware that steals your personal information. Do not download apps unless they are from a known source and have third-party reviews that verify their legitimacy.

Know your Wi-Fi. Don’t use free wireless networks, such as those in coffee shops, when you shop online. Waiting until your have a secure connection (at home, for example) is a smart and easy way to bypass identity theft and financial fraud.

Know your device. Public computers, such as those in hotel business centers, may contain viruses and malware that steal your information. Don’t use them for online purchases or accessing your accounts.

Update and patch computers, phones and tablets. Say “yes” and “now” to system updates on your devices. Use up-to-date anti-virus protection and make sure it is receiving updates.

Use strong passwords. No repeaters. Weak and repeat passwords are a hacker’s holiday treat. Always use more than ten characters, with numbers, special characters, and upper and lower case letters. Always use different passwords for different sites.
Credit – never debit – for online shopping. Pay with a credit card rather than a debit card. In case of fraud or a data breach, debit cards do not have the same consumer protections as credit cards.

Protect against pop-ups. Cash! Gift Cards! Malware! Hackers can use pop-ups to infect your computer with malware – never click a pop-up window. If a window pops up promising rewards for quizzes and surveys, close it by pressing Control + F4 on a Windows computer and Command + W on a Mac.

Give yourself a gift: adopt easy “two-step” protection. A two-step protection process for your e-mail account pairs “something you know” – like a password or PIN – with “something you have,” like your cellphone or a physical token. It adds an extra layer of security to prevent access to your account and the personal information in it. For example, after inputting your password, you will then receive a text on your cellphone, giving you a one-time-use code to log into your e-mail account. Information on how to set up this two-step protection strategy for each of the following e-mail providers can be found here:

Outlook – http://windows.microsoft.com/en-us/windows/two-step-verification-faq
Gmail – http://www.google.com/landing/2step/
Yahoo – https://help.yahoo.com/kb/account/two-step-verification-extra-account-security-sln5013.html
Additional Consumer Resources

The California Attorney General’s consumer tips on identity theft and other privacy issues can be found here: https://oag.ca.gov/privacy/info-sheets.

Consumers can file a complaint with the Department of Justice by using the following form: http://oag.ca.gov/contact/consumer-complaint-against-business-or-company.

If you have additional questions or comments, please call: 800-952-5225.