Best Practices for Safe Holiday Shopping November 29, 2023 The holiday season is upon us and with it comes the joy and excitement of giving to the people and causes we care most about. Unfortunately, this time of year also brings with it a flurry of cyberattacks and fraudulent activity as hackers capitalize on retailers and holiday shoppers. With cyber threats predicted to rise this year, it’s more important than ever to take extra care with monetary transactions, which is why we’ve assembled this list of best practices to keep your financial information safe – and your holiday joy, intact. 1. Stay Calm Have you recently received a text message asking you to resolve unidentified charges on your credit card? Or opened an email indicating one of your loved ones is stranded overseas and needs money? How about a phone call alerting you your bank account has been hacked? Don’t panic, and whatever you do, DON’T engage. Instead, call your credit card company, family member, or financial institution using their known number. Better yet, visit them in person. If there is truly a need for action on your part, it’s best to hear it directly from the source. 2. Tame Your Curiosity It’s human nature to want to learn more, especially if we’re prompted by fear, excitement or confusion. It isn’t surprising then that phishing remains one of the costliest cyber attack methods, with almost two thirds of Americans falling victim to phishing attacks each year as the result of opening a malicious link, document or attachment. Before you click on that URL, website or social media promotion, STOP and validate the source. 3. Keep Your Personal Information Locked Down NEVER provide your PIN, digital banking credentials or other sensitive information to anyone who calls or texts you to ask for it – even if they claim to be your financial institution. Any legitimate organization that needs your personal information to conduct business won’t call, email or text you to request it. 4. Do Your Research While shopping online for this year’s sought-after toy or tech gift, you might stumble across an unknown retailer offering the item for a lower price. Could it be that you’ve discovered a hidden gem? Maybe. It could also be a spam shopping site trying to steal your information and money. Opt for a trusted retailer if you can, and always look for “https” in the website URL (the “s” stands for secure). It’s also a good idea to search for the seller’s name + “spam” or “complaint” to see if it’s already been flagged as a scam. Last, if product reviews or feedback ratings are poor, the choice is clear – shop elsewhere. Researching charitable organizations? You’ll want to apply the same due diligence here as well. 5. Strengthen Your Cyber Defense If you haven’t invested in antivirus software, your devices – and all of the data housed within – are at increased risk of being compromised. Add the use of free, public Wi-Fi networks, and you may as well be gifting your personal information to potential fraudsters. Before you even consider tackling your shopping list, start by making sure your device and network connection are secure. 6. Pay the Smart Way If an online vendor ever requires you to pay with a gift card, wire transfer, cash or crypto-currency – walk away. These forms of payment are notoriously difficult to trace and almost always irreversible, which is why they are such attractive options for scammers. Instead, use a form of payment that allows you to monitor for and dispute suspicious transactions, such as a credit or debit card. As an additional layer of defense, save record of your purchases in the form of receipts, payment confirmations, and any other communications that take place between you and the seller. 7. Take the Extra Steps Given the number of passwords we’re asked to keep track of these days, it might be tempting to make them all the same or similar. Don’t let complacency get the best of you. Strong passwords should be long and complex, unique for each account, and include a mixture of uppercase and lowercase letters, numbers and symbols. Better yet, use multi-factor authentication whenever it’s offered. This added layer of protection will make it significantly more difficult for a hacker to access your account, and only takes a few extra seconds of your time. 8. Trust Your Gut You know how the saying goes – “if something seems too good to be true, it probably is.” When we get caught up in the hustle and bustle of the holidays, it’s easy to be swayed by flashy promotions, “low” prices, “quick” shipping, or the promise of an unexpected payout. Just remember, Publisher’s Clearing House winners never have to pay to win. Slow down, heed the red flags, and read the fine print before you end up in over your head. 9. Limit Mailbox Use When it comes to sending packages or monetary gifts the traditional way, you may want to avoid the mailbox. Theft from personal and USPS mailboxes continues to rise, making a direct drop off with your mail carrier or post office the safest bet. Checks are an especially popular target as thieves have discovered methods for successfully altering the names and amounts transcribed to commit fraud. Moral of the story – use a secure, digital platform for your transactions, or put directly in the hands of a U.S. postal worker. 10. Report Scams ASAP Reporting fraud or suspected fraud to the appropriate agencies as soon as it takes place is beneficial for many reasons. First, if you lost money or other possessions in a scam, the timeliness of your report could increase the likelihood you get those items back. Second, your report can help government officials track scam patterns and take legal action. Last, but not least, your efforts may keep others from experiencing the same fate – which seems like a pretty simple way to act in the spirit of holiday giving. Keep these best practices top of mind every time you make a purchase. With a little extra care, you can prevent scammers from stealing your personal information, AND your holiday joy. Security & Fraud Resources from Community First Credit Union: For up-to-date information regarding fraudulent activity, as well as measures you can take to protect your accounts, please visit the CFCU Security Education web page. If you believe you may have given your information by mistake, please contact us immediately at (920) 830-7200 or visit one of our branches so we can take steps to protect your accounts.