It’s the most wonderful time of the year!
Sorry, Andy Williams, I don’t mean the kids jingle belling and everyone telling you “be of good cheer,” but rather the holiday shopping season.
Unfortunately, it’s not the hap-happiest season of all, at least not for 8% of us according to Experian who will be victims of identity theft. Even worse, 43% of identity theft victims will have their identities stolen while shopping online.
My mum happens to be one of those people this year.
I promised I wouldn’t reveal the details of her situation, but it appears she’s in good company. What’s worse, after talking with her, I’m not even sure how it could have happened--and it reminds me that it can quite literally happen to anyone. It’s easy to imagine that victims of identity theft are people who make their password “password” or buy things from phishing websites like Amazon.con that are made to look like Amazon (thankfully not a real website, just an example, but keep an eye on the clever ways that people will try and swap out letters to trick you). Identity theft victims aren’t your octogenarian grandmother giving money to a Nigerian prince; I mean, she’s probably one of them, but 19% of theft victims are between the ages of 25 and 34.
Since we’re approaching some of our biggest shopping days of the year, here are a few things you can do to increase your internet safety:
1) Always use a valid email address when shopping online. This might sound silly, but I know a number of people who use an email they rarely log into when they do their online shopping, because they don’t want to be inundated with the junk mail that follows. My recommendation is to unsubscribe from ad emails instead: this way you get notified of the status of orders you made, and you are aware of any purchases that you didn’t make on your accounts.
2) “I don’t even remember the password to that account.” This is another common one, and I’m guilty of it too. Over the last decade that I’ve been shopping online, I am sure that I have amassed accounts for Target, Walmart, eBay, Amazon, and more websites that I’ve likely forgotten, especially if I only ever made one-off purchases. With websites I’ll never use again, I’m learning to check out as a guest if it gives me the option. It keeps my purchase transactional and doesn’t give the hydra another head for hackers to exploit. For websites that I’ll likely use again, I have made a habit to a) change the password frequently, b) make sure that I don’t reuse passwords from one e-commerce site to another, and c) when I find myself saying “I don’t even know that password,” I know it’s time to change the password a little sooner.
3) Don’t click email links. Not to contradict my first point, because I want you to still be aware of what is coming into your email, but you should always visit websites directly. I get about a dozen fake Amazon emails a week. I still read them all to make sure I don’t have a rogue purchase on my account, but I visit Amazon.com directly instead of clicking anything in the email body. I never know who is trying to phish for my password, and the last thing I want is to jeopardize an account that could give someone access to my home address, my work address, my parents’ address, and the ability to communicate with my Alexa.
4) Use two-factor authentication. If a service you’re using offers this, utilize it. It’s going to be your new best friend. 2FA gives you an added layer of protection so that account access isn’t immediately granted upon typing the correct username and password; typically, a code is sent to your phone or email for you to enter. People complain that it’s tedious, but I can tell you that waiting for a one-time password or other authentication code via text, email, or third-party app is a lot less tedious than having to deal with your bank’s fraud department. Every website has a different process, so Google to find out the proper setup for each respective website.
5) Get familiar with your bank. No one wants to be a victim of identity theft, but it helps to know what do to if it happens. Do you know what number you need to call to report fraudulent activity? Do you know how to navigate your banking app so you can turn your card off? Do you know the answers to your own security questions? It turns out that I have no clue what my favorite food or sport is, so it can’t hurt to revisit those questions every so often to make sure they still apply.
This list is by no means comprehensive, and there are certainly other precautions you can take (using prepaid cards, regularly monitoring your credit score, burying your money in the backyard and moving to the woods like a hermit, etc.). Feel free to share with us some of your fraud tips and tricks; we might even learn a thing or two.