The season of cheer is also the season of credit card fraud, unfortunately. Because it’s a popular time for thievery, you want to make sure you take extra steps to protect your credit card numbers while shopping online.
If you’re thinking about using a debit card for online shopping, you need to rethink that. If your credit card number gets stolen, the Fair Credit Billing Act limits your liability to $50. But most major issuers provide you with zero liability when fraud occurs.
With a debit card, you can lose all the money in your account temporarily. Your liability depends on how quickly you report your lost or stolen card info, but it can take two weeks or more to get the funds back. That’s not something you want to experience during the holidays.
Now, nothing is foolproof. Using a credit card for purchases online still requires vigilance. The new chip credit cards do help prevent cloning, but if the account number is stolen, fraudsters can still use your account online. That doesn’t mean you can’t be proactive and protect your information.
Here are several things to keep in mind while shopping online this holiday season. We’ll start with the basic foundation for online security.
[Read: The Best Rewards Credit Cards.]
Secure your devices. Before you buy anything online, you need to make sure that your computer has a firewall and that it’s turned on. Also, make sure your devices are equipped with software that defends against viruses, spyware and other threats. I use Norton by Symantec, but there are many options to choose from.
While it’s important to secure your devices, it’s also important to download updates from your provider. Stay on top of this, because as cybercriminals try new hacking methods, the antivirus providers adjust their products to handle new risks.
Watch out for phishing scams. Phishing scams might come in the form of emails or texts. You’ll get an email that looks like it’s from a legitimate company, and you’ll be asked to click on a link or an attachment to save money on gifts. Oh, and you’d better hurry because supplies are limited!
But once you click the link or open the attachment, your data could get stolen via malware — malicious software that can collect and share personal and financial information about you.
Another scam is pretending to be a charity and asking for a donation. You’re told it’s easy — all you have to do, of course, is click the link. If you’d really like to contribute to the charity, get on Charity Navigator and find out if the charity is real.
Phishing scams during the holidays might catch you off guard by offering a letter from Santa. You can supposedly get a handwritten letter from Santa to your child. Or Santa might offer the “it” gift at a low price. Again, all you have to do is click on the provided link. Scammers will do anything to pull at your holiday heartstrings.
Here’s another clue an email is a phishing expedition: There are misspelled words in the emails. Fraudsters might be crafty, but they aren’t usually great writers.
[Read: The Best Cash Back Credit Cards.]
Check your credit card accounts online every day. You’ll be surprised by how little time this takes. Look for purchases you didn’t make. According to the Consumer Sentinel Network Data Book 2017, credit card fraud on existing accounts increased 20 percent over the previous year.
Reviewing purchases online can catch fraud if someone stole your credit card account numbers and used them to buy items. But to find out if someone has stolen your identity and opened new accounts in your name, you’ll need to check your free credit reports.
Always check for the extra “s” in the web address. On unsecured sites, you’ll see “http://” at the beginning of the web address. But on a secured site, you’ll see “https://” in the address. The “s” stands for “secured.”
Even when you’re on a website you’ve previously visited, always check for the “s” in the address before submitting your payment information. It’s not unusual for some phishing scams to create logos that resemble the logos of common credit card issuers or financial institutions.
So, it’s easy to get scammed into thinking you’re on your bank’s website when you’re really not. Your mantra: Always check for the “s.”
Don’t make purchases in public places. It’s OK to browse online while sipping your triple espresso, but it’s not OK to make a purchase using your coffee shop’s Wi-Fi. Cybercriminals have access to that Wi-Fi signal, too, and can intercept your data.
These open networks aren’t password-protected and are usually less secure. So be aware of that before you enter your credit card number (or any bank account number) in a coffee shop, retail store or restaurant.
Now, it’s possible to use your own virtual private network. With a VPN, when you are checking financial accounts or buying gifts online, you’re logged into a password-protected network, and your information is protected from hackers. There are free VPNs, but the most secure options cost, on average, around $10.68 per month, according to PC Magazine.
Use virtual credit card numbers. A virtual credit card is one way to keep your account numbers safe. This isn’t a plastic card like the one you hold in your hand. It’s a randomly generated number that changes whenever you use your real credit card to purchase an item online.
Your true account number is never stored on the targeted website. If the retailer’s website gets hacked, the fraudster isn’t able to use the virtual numbers obtained.
Not all issuers offer this, though. Bank of America has a ShopSafe program that generates a temporary number for you to use instead of your actual account number. Citi offers a similar service, but only on selected credit cards. You can also check into using Verified by Visa and Mastercard SecureCode if your issuer doesn’t offer extra security for the credit cards you use.
More from U.S. News