Logo

Table of Contents

search icon

Holiday Fraud Watch: Staying Safe When Shopping Online

8 min read
blog holiday fraud2

As you get ready for holiday shopping this year, chances are good you’ll make some of your purchases online. Nearly 60% of people surveyed by the Better Business Bureau (BBB) say they shop online more often nowthan they did before the pandemic. Scam artists are taking advantage of this trend: Online shopping scams topped the list of riskiest rip-offs for consumers last year, according to the BBB 2021 Scam Tracker Risk Report, accounting for more than one-third of all scams reported to the organization.

Online holiday shoppers are often harried, hurried, and searching for deals, all of which can leave them vulnerable to fraud. From products that never arrive to stolen credit card numbers or personal information, online scams can put your bank accounts, financial data, and identity at risk.

11 Tips to Avoid Holiday Fraud When You Shop Online 

A few simple precautions can help safeguard you from scam artists. Protect yourself when shopping online by following these 11 tips.

1. Confirm the website is legitimate.

You can safeguard yourself by limiting your online shopping to reputable websites, such as major retailers or online marketplaces. However, scam artists are getting better at creating fake versions of real websites, and when you’re in a rush, you might miss the clues.

To avoid fraud, carefully examine the website’s URL for these common red flags:

  • Misspellings or extra characters.

    For example, you might see the URL jcpenny.com (fraudulent) instead of jcpenney.com (legitimate).

  • Unusual top-level domains (TLDs).

    The TLD is the last part of the URL, such as .com or .net. Some of the TLDs most commonly commonly used by scammers are .casa, .discount and .fit. It can be easy to miss a TLD or dismiss a TLD like .fit as a clever URL for a sporting goods site.

  • Security issues.

    A URL starting with “https://” indicates the site uses encryption to secure any data you enter on the site. You may also see a padlock icon in your browser bar when a site is secure. If so, you can click on the padlock to see the name of the company associated with the site’s security certificate—a digital signature used to establish encrypted connections.The certificate owner’s name should match the name of the retailer. Don’t shop or share personal information on sites that aren’t secure.What if you want to support small businesses or come across an incredible deal from a new-to-you retailer? Not all unfamiliar companies are fraudulent, of course, but vet an unknown site thoroughly before
    you buy. Here’s how:

  • Confirm contact info.

    Scroll down to the bottom of the home page or look for “About Us” or “Contact Us” information. Legitimate companies will list a physical address and phone number, giving you a way to contact them if there’s a problem.

  • Check for complaints.

    Search for the retailer’s name online, along with terms like “complaint” or “fraud,” to see if any consumer complaints pop up.

  • Consult third-party review sites.

    Check the retailer’s rating at Better Business Bureau® or Trustpilot®.

  • Test transparency.

    Type the URL into Google’s Transparency Report to see if it has been deemed unsafe.

  • Peruse privacy policy.

    Look for a privacy policy explaining how the site protects your personal data. You can generally find this link at the bottom of the site. Avoid any site without a privacy policy.

2. Shop on social media with caution.

Nearly half of people the BBB surveyed reported spending more time on social media in 2021 than pre-pandemic. Criminals are taking advantage of this trend, too. About one-fourth of all fraud reported to the Federal Trade Commission (FTC) last year stemmed from scams on social media, according to the agency’s latest Consumer Protection Data Spotlight.

Scammers use social media ads, posts, or messaging to target you with bogus offers or links that may spread malware or viruses. Friends may unknowingly spread these scams by sharing a post about a cool product or great deal. The scammers might reach out via direct message to ask for your payment information. Not everyone selling on social media is a scam artist, of course, but as with any unknown website, always verify a site’s legitimacy before you shop, and never share payment information or other personal details with others on a social site.

3. Beware of merchants offering big discounts.

Unbelievable deals like 90% off a new smartphone or the latest game console for $25 can tempt any budget-conscious shopper. But as the saying goes, if it sounds too good to be true, it probably is. Deep discounts can tempt you to click on an online ad, social post, or email just out of curiosity. Avoid the temptation and go directly to the retailer’s website instead; if the deal is real, you’ll see it there.

4. Clip online coupons carefully.

Online coupons can save you money but can also be sources of scams. Legitimate ecommerce sites often ask for your email in exchange for a discount, but fraudsters typically ask for more personal information. For example,they may want you to fill out a form or survey that reveals information, such as a pet’s or child’s name or favorite color, that could provide clues to security questions a criminal could use to change your passwords and hijack accounts. Beware of ads or popups you don’t recognize offering coupons; instead, sign up for coupons directly on trusted retail sites.

5. Think before clicking on random email and text messages.

Phishing and smishing scams use fake messages (emails, in the case of phishing; text (SMS) messages in the case of smishing) to trick victims into turning over money or personal information. The messages typically appear to be from a trusted company, such as a bank, retailer, government agency or shipping company.

Fraudsters may try to trick you into clicking links by claiming that:

  • You need to update your payment information

  • Your account has been compromised and you need to change your password

  • You need to confirm personal data like your Social Security number.

If you volunteer that information, scammers can use it to steal your data or identity. Even just clicking a link in a bogus email or text message might download malware or expose your personal data to hackers. Phishing and smishing often attempt to create a sense of urgency that can lead you to click before you think. If you get a message like this, stop, and think. Do you have an account with the sender? If not, don’t act on the message, but report it to the FTC at ReportFraud.ftc.gov. If you do have an account with the sender, go to their website and contact them directly to ask about the issue.

6. Update your phone and computer security settings.

Set up automatic updates on your computer and mobile devices to keep their operating systems current. Updates often fix security issues and outdated operating systems can expose you to risk. Install firewall and antivirus software and keep that updated, too. Run regular virus scans.

7. Use strong passwords and multi-factor authentication.

Multi-factor authentication requires you to take extra steps in addition to supplying your username and password when logging into an online account or smartphone app. You might have to input a code texted to your phone or use the phone’s facial recognition or fingerprint recognition technology to confirm your identity. This makes it difficult for a thief to access your accounts even if they learn your passwords. Whenever possible, enable multi-factor authentication for safety.

Strong passwords are vital to keeping your data safe when shopping online. The FTC recommends you:

  • Choose passwords at least 12 characters long.

  • Use a mix of upper and lowercase letters, numbers, and symbols.

  • Avoid common phrases or words scammers could learn from social media or
    public records, like a child’s name, your birthdate, or your hometown.

  • Don’t reuse passwords. Create a new password for each account.

Make your life easier by using a password manager, which generates secure passwords, encrypts and stores them, and fills them in automatically. Google Password Manager (built into the Chrome browser and Android devices), iCloud Keychain (built into the Safari browser and Apple devices), LastPass®, and Dashlane® are all popular options.

8. Choose only secure methods of payment.

Using a credit card when shopping online is safer than using a debit card. If your credit card information is stolen and used fraudulently, but the card itself isn’t stolen, you’re not liable for any unauthorized charges. Debit cards have fewer protections. If a scammer steals your debit card information, they could access your bank account. Notify the bank within two business days of the unauthorized transaction, you’re liable for up to $50. If you notify them after two days but within 60 days, you’re responsible for up to $500. Wait longer than 60 days,however, and you could be liable for the full amount.

Using a peer-to-peer (P2P) payment app like Zelle®, PayPal® or Venmo® to make a purchase? Be cautious. A study by fraud tracking company Javelin found P2P fraud rose 733% between 2016 and 2020. A recent investigation by Sen. Elizabeth Warren found Zelle users lost $440 million to scams in 2021—and 90% of them never got their money back. For example, if your P2P account is connected to a bank account or debit card, scammers who access your P2P account might be able to drain your bank account. Beforeusing any P2P service to make online purchases, carefully read the terms and conditions to understand your risks.

Be vigilant when buying from online retailers or social media sites you’re not familiar with. Exercise extra caution when dealing with merchants who will only accept payment via cryptocurrency, wire transfer, or prepaid debit or gift card (that they push you to obtain before the transaction can be completed)—often these are signs of a scam. According to the FTC, paying via gift card is the most common way people lose money to scammers. And once money is sent using any of these methods, there’s no way to trace it or recover the payment.

9. Conceal your credit card information.

Storing your credit card information on a retailer’s website can save time when shopping, but that convenience could come at a steep cost if hackers access your account information. For a safer option, there’s Click to Pay®,a service that stores your credit card information and lets you pay with one click at participating retailers. Click to Pay never sends your card nformation to retailers. Instead, it uses an encrypted placeholder called a token that’s used only once, for that specific transaction, and uses two-factor authentication for extra security. To sign up, log onto Click to Pay from any of the major card networks: Visa®, Mastercard®, Discover®, and American Express®.

10. Monitor your bank and credit card accounts.

Thieves know most of us spend more than usual at this time of year, so it’s easy for a false transaction to slip under the radar. Don’t wait for your monthly statement to review your spending; check your accounts weekly for transactions you don’t recognize. Better yet, set alerts to stay on top of your accounts in real-time. Most banks and credit card issuers let you set a variety of alerts, including notifications sent to your smartphone of transactions that exceed a certain amount, transactions on a certain card, or any account activity at all.

11. Check your credit reports for suspicious activity.

You can get free copies of your credit report from each of the three major credit bureau—Equifax, Experian and TransUnion—at AnnualCreditReport.com.Normally, credit reports are free once every 12 months, but in response to pandemic-related scams, you can now get them every week through 12/31/23. Check your credit reports for anything unusual. For example, if you see a new credit card or loan you never applied for, it could be one of the signs someone has stolen your identity and is using it to open accounts in your name. If you find anything suspicious, contact the relevant credit bureau about placing a fraud alert or security freeze on your credit report and visit IdentityTheft.gov for advice on next steps.

The Bottom Line

Online shopping can sometimes seem as perilous as swimming with sharks. Fortunately, there are ways to steer clear of scams. By securing your technology, choosing a safe payment method, and remaining cautious and alert to potential fraud threats, you can keep yourself and your bank accounts safe while checking off every holiday item on your list.

You May Also Like

Related Articles
14 holiday shopping & budgeting tips to save money this year
If you’re feeling a pinch in your wallet this year you’re not alone. With inflation, supply chain issues, high gas prices, and wage stagnation, many Americans are feeling anxious about their financial well-being heading into the holiday season.
Personal Finance
Nov 24, 2024
5 min read
Best Ways to Reduce Spending and Save Money Over the Holidays
What affects your credit scores?
Your credit score plays a key role in nearly every aspect of your financial life—from the rates you receive on loans to applying for utility services and cellphone plans. Given how often those numbers will come into play, it is a smart move to aim for the best scores you can.
Personal Finance
Jul 13, 2024
9 min read
What Affects Your Credit Scores?
7 ways to prevent identity theft and protect your finances
Identity theft happens when your personal information is stolen and used without your permission. Understanding the warning signs, knowing how to protect your information, and what to do if your identity is stolen can help keep your identity safe and recover faster. 
Personal Finance
Jul 6, 2024
9 min read
Preventing Identity Theft
Credit Report Red Flags: What to Look For & How to Dispute Errors
Identifying red flags and knowing how to correct inaccuracies in your credit report can help keep your credit score in good shape. Here's what you need to know.
Personal Finance
Jun 25, 2024
10 min read
How to Read Your Credit Report: Red Flags and Errors You Should Dispute
Top 7 Reasons People File for Bankruptcy and How to Avoid It
Often a measure of last resort, reasons for filing bankruptcy frequently involve overwhelming medical debt, financial strain due to a divorce, or an unaffordable mortgage.
Personal Finance
Oct 17, 2023
6 min read
Exasperated looking young woman sitting at desk looking at laptop holding papers in one hand and her head in the other

WHAT WE OFFER

Personal LoansPersonal BankingAuto RefinancingPatient SolutionsBusiness LoansBusiness BankingCommercial BankingInstitutional InvestingLC NotesOther Types of LoansApply for a Personal LoanApply for a Bank Account

RESOURCES

Borrower ResourcesInvestor ResourcesPersonal Loan Rates & FeesCustomer ReviewsResource CenterGlossarySafety & Privacy

LEGAL

Terms of UsePrivacy PolicyData Collection and UseAccessibilitySEC FilingDisclosures and AgreementsLegal Requests

ABOUT US

CRA Public FileCompanyLeadershipCareersMedia CenterCorporate GovernanceInvestor RelationsContact

ACCOUNT

Sign InMobile AppHelpYour Privacy ChoicesYour Privacy Choices

Powered by the LCTM platform

LC Logo
Apple App Store IconGoogle Play Store Icon
LC logo

595 Market Street, Suite 200

San Francisco, California 94105

If you have special access needs and are having problems accessing this website, please call 888-596-3157.
Equal Housing Lender
accredited-business
verify-sign

LendingClub Bank and its affiliates (collectively, "LendingClub") do not offer legal, financial, or other professional advice. The content on this page is for informational or advertising purposes only and is not a substitute for individualized professional advice. LendingClub is not affiliated with or making any representation as to the company(ies), services, and/or products referenced. LendingClub is not responsible for the content of third-party website(s), and links to those sites should not be viewed as an endorsement. By clicking links to third-party website(s), users are leaving LendingClub’s website. LendingClub does not represent any third party, including any website user, who enters into a transaction as a result of visiting a third-party website. Privacy and security policies of third-party websites may differ from those of the LendingClub website.

Savings are not guaranteed and depend upon various factors, including but not limited to interest rates, fees, and loan term length.

A representative example of payment terms for a Personal Loan is as follows: a borrower receives a loan of $19,008 for a term of 36 months, with an interest rate of 11.74% and a 6.00% origination fee of $1,140 for an APR of 16.09%. In this example, the borrower will receive $17,868 and will make 36 monthly payments of $629. Loan amounts range from $1,000 to $40,000 and loan term lengths range from 24 months to 60 months. Some amounts, rates, and term lengths may be unavailable in certain states. 

For Personal Loans, APR ranges from 8.91% to 35.99% and origination fee ranges from 3.00% to 8.00% of the loan amount. APRs and origination fees are determined at the time of application. Lowest APR is available to borrowers with excellent credit. Advertised rates and fees are valid as of Oct 10, 2024 and are subject to change without notice. 

Checking a rate through us generates a soft credit inquiry on a person’s credit report, which is visible only to that person. A hard credit inquiry, which is visible to that person and others, and which may affect that person’s credit score, only appears on the person’s credit report if and when a loan is issued to the person. Credit eligibility is not guaranteed. APR and other credit terms depend upon credit score and other key financing characteristics, including but not limited to the amount financed, loan term length, and credit usage and history.  

Unless otherwise specified, all credit and deposit products are provided by LendingClub Bank, N.A., Member FDIC, Equal Housing Lender (“LendingClub Bank”), a wholly-owned subsidiary of LendingClub Corporation, NMLS ID 167439. Credit products are subject to credit approval and may be subject to sufficient investor commitment. ​Deposit accounts are subject to approval. Only deposit products are FDIC insured.

“LendingClub” and the “LC” symbol are trademarks of LendingClub Bank.

© 2024 LendingClub Bank. All rights reserved.