1. During the holidays, criminals engage in “black-hat SEO,” wherein they create fake websites and then use the same techniques as legitimate online businesses regarding search engine optimization, marketing, and online advertising via Google AdWords. They use keywords to boost rankings on Internet searches, causing their spoofed websites to appear alongside legitimate websites. These same processes are also used to infect unsuspecting users with malware.

2. Many victims who wind up on malicious websites when holiday shopping have found their way to these sites via phishing emails, which offer high-end products for low prices. It’s easy enough to avoid this. Common sense says that whenever you receive an unsolicited email offer, you ought to automatically be suspicious. The same applies to any offers received through tweets, or messages sent within social media. Scammers are committing social media identity theft every day. If you aren’t familiar with the online retailer behind an offer, don’t even bother clicking a link, especially if the offer sounds too good to be true.

3. If a familiar and trusted website sends you an email offer and you decide to click, make sure you’ve been taken to the correct URL for the retailer. Beware of cybersquatting and typosquatting, in which the address only resembles the legitimate domain.

4. When placing an order online, always look for “https://” in the address bar, signifying that a page is secure. Scammers generally don’t take the time to create secure websites. Note that an image of a closed padlock also indicates that a website is secure.

5. Beware of emails from eBay scammers. I’ve been getting ten a day. The fact is, it’s difficult to tell a real eBay offer from a fake one. If you are seeking deals on eBay, go directly to the site itself, and don’t bother responding to emails. If a deal in an email is legitimate, you can find it by searching eBay.

6. Whenever you decide to make an eBay purchase, look at the seller’s history. eBay is based on the honor system. If a seller is established and has a record of positive feedback, they should be trustworthy.

7. Don’t worry about credit card fraud. But do pay close attention to your statements. Check them online at least once every two weeks, and dispute unauthorized charges within two billing cycles; otherwise you will pay for an identity thief’s shopping list.

8. Don’t use a debit card online. If your debit card is compromised, that money comes out of your bank account directly and immediately. Credit cards offer more protection and less liability.

9. Avoid paying by check online. It’s fine to use checks in person, but not on an unfamiliar website. Once money has been taken from your account and the goods you’ve ordered fail to arrive, getting it back proves difficult if not impossible. Use a UniBall gel pen to prevent check washing.

10. Do business with those you know, like, and trust. I, for one, am guilty of buying from retailers who offer the best deals. But I only buy low-ticket items from unfamiliar sellers, generally spending less than $50. It’s best to buy high-ticket items exclusively from retailers that also have brick and mortar locations.

Robert Siciliano is a personal security expert contributor to Just Ask Gemalto, and he is running the Boston Marathon in April 2012 to support Miles for Miracles for Children’s Hospital Boston.
