Tracking inflation What to do with yours Best CD rates this month Shop and save 🤑
MONEY
Target Corp

Holiday scammers taking aim via text, e-mail, cellphone

Susan Tompor
USAToday

Remember all those data breaches at big-name retailers? Well, now holiday shoppers are being warned about potential scams via text, e-mail and even the phone.

The headlines are filled with the shocking developments out of the Sony Pictures hacking. But consumers need to remember that other cyberattacks have enabled hackers to harvest millions of e-mails for everyday consumers at places like Home Depot and Target in the past year or so. While credit card numbers likely have changed by now, most e-mails and phone numbers remain the same and can be used in phishing expeditions.

This shopping season, identity thieves have a shot at sounding more legitimate. After all, they have stolen e-mail addresses and phone numbers and may know where you shop or work.

"Now an identity thief has contacts," warned Adam Levin, chairman and cofounder of Credit.com and IDT911.com.

I don't know if there is a connection to hackers, but I've heard more complaints lately involving scammers claiming to be from the Internal Revenue Service, too. Con artists appear to be using free time during the holidays to demand money for fake tax bills.

One Oak Park woman told me this week that she was quite upset that someone insisted that she pay $3,688.43 in unpaid federal taxes. She knew it was a scam but was frustrated, anyway.

KrebsOnSecurity.com is warning this holiday that consumers should be wary if they receive an e-mail asking them to "confirm" an order or a package shipment. Do not click on any of those links.

"Malware purveyors and spammers are blasting these missives by the millions each day in a bid to trick people into giving up control over their computers and identities," Brian Krebs wrote in his security blog.

Krebs has spotted scam e-mails that misuse the logos of Home Depot, Walmart, Target, Costco Wholesale and others.

We're in a rush as we move closer to Christmas Day and big year-end deadlines. Crunch-time means that it can be easier to fool someone who might not otherwise be fooled.

Melanie Duquesnel, president and CEO of the Better Business Bureau serving eastern Michigan and the Upper Peninsula, said consumers need to recognize that their e-mails at work can be vulnerable, too.

"E-mail is e-mail. Hackers are hackers. And if they can get anybody, they'll get anybody," Duquesnel said. "They're going after anybody who will say 'Sure' or 'Yes.' "

Don't be tricked by seeing a big brand name in an e-mail, either.

The Better Business Bureau reports that scammers are using the Amazon name to trick people into thinking they just received an e-mail relating to their order.

Duquesnel showed me another e-mail that she received this week that claimed to offer an Amazon coupon for doing a survey. But the e-mail had that big-time scam feel with an address that included the words "santafriendship."

The BBB warned last month about a "pizza scam," which looks like an e-mail from Pizza Hut about a survey. But again, we're looking at something that would download malware.

A fake Santa can be flying through cyberspace, too.

Some scam websites promise a letter from Santa but can steal credit card information to hand over to the Grinch.

The Better Business Bureau warns that consumers might get an e-mail offering a "Handwritten Letter from Santa to Your Child." When you click on the link, you might see a free shipping special that ends, not coincidentally, in just a few hours, according to the BBB.

If you're looking for Santa to talk to your child, you could head to the mall. Some legitimate sites exist, too, such as Michigan-based PackagefromSanta.com.

A good tip: Ignore e-mails that demand that you make a move now for free shipping or some other reason.

Be wary of e-mails that supposedly are from your bank, too, suggesting that you need to act now to unfreeze an account.

Remember, scammers can pretend to be retailers who have seen data breaches and ask for personal information to help the retailer "sort things out." It's just another scam.

Data breaches aren't going away; pay attention if you shop at certain stores that are hit.

Early in December, the fashion-forward retailer Bebe disclosed that its in-store payment processing system was hacked between Nov. 8 and Nov. 26.

Security experts say we're likely to hear about more cyberattacks. So watch any activity in your bank account — and any oddball e-mails you receive along the way that could be tied to a scam.

Contact Susan Tompor: 313-222-8876 or stompor@freepress.com

How to avoid ID fraud and scams during the holidays:

■Do not use a public WiFi system to buy gifts or other items.

■Holiday gifts might bust a budget. But never wire money to cover the cost of supposedly "winning a prize."

■The Federal Trade Commission is suggesting that people exchange tips on scams during holiday events to spread the word.

■If a teen gets a tablet or cellphone as a holiday gift, take time to discuss scams like the free "pizza coupon" that can download malware.

■A legitimate e-mail isn't going to ask you for your Social Security number, your credit card number, your debit card or other personal information.

Featured Weekly Ad