Cyber Monday: Top Tips for Avoiding Scams

Security experts warn shoppers about online scams.

November 26, 2010, 3:46 PM

Nov. 29, 2010— -- It's easy to be dazzled by the dizzying array of Cyber Monday deals promising online shoppers steep cuts and savings. But don't get snared by holiday scams as you search for seasonal sales.

About 96.5 million Americans scouted out Cyber Monday sales last year, according to the National Retail Foundation. And analysts say a record number of retailers are offering some kind of online promotion today.

But as retailers ramp up their Internet-based efforts, so do cyberthieves, who can scam shoppers with malicious links, credit card fraud and phishing attacks.

"The holiday season is always ripe with these types of scams," said Hiep Dang, director of operations for security firm McAfee Labs. "It's the perfect storm of consumers ready to buy and the bad guys ready to exploit them. People are so frantic in trying to get their holiday shopping done that, sometimes, they're a little more vulnerable to scams." spoke to security experts about ways to stay safe while shopping online. Check out their tips below.

1. If it sounds too good to be true, it probably is.

"First rule of thumb: If it sounds too good to be true, chances are, it is," Dang said.

You might desperately want to gift a loved one Apple's new iPad, but if an online promotion tries to lure you with a free one if you just hand over your credit card information, don't fall for it.

If a website, pop-up ad or e-mail offers you a hard-to-get holiday item at a super-low price (or even for free), tread very carefully, he said.

Stick to websites you know and trust or, if you encounter a new one, look for the Better Business Bureau seal or check out the site with your state's consumer protection department.

Before You Shop, Secure Your Computer

2. Shop with your credit card.

When shopping online, go credit, not debit.

The Better Business Bureau warns that paying with a credit card is better because federal law enables shoppers to dispute charges if they don't receive the item or if there are unauthorized charges on their card.

Many card issuers also offer "zero liability" policies that ensure card holders pay nothing if someone else steals the card and makes purchases with it.

3. Make sure your browser and security software are up to date.

Before you start playing Santa online, make sure your Web browser and security software are up to date. Companies often release new patches for browsers, such as Internet Explorer and Firefox. Make sure you have installed all the patches necessary for your browsers of choice.

Also, make sure that your computer is running the most recent versions of anti-virus and other security software.

Sean Sullivan, a security researcher for security firm F-Secure, said many people who typically browse the Web from their work computers might switch to their home computers for holiday shopping.

It might also be a time of year when people who normally don't browse at all, hit the Web.

"[They] kind of get activated into browsing, but [they're] nine months out of practice," he said. "Chat with the people in your family you know don't surf except during seasonal events."

4. Be wary of "dangerous" search terms.

Cyberthieves also follow seasonal trends, so as you search the Web, be especially careful with links associated with the hottest products and terms this year.

F-Secure, which releases an annual list of the most dangerous search results, said the malicious links can infect unsecured computers with malware, losing people both time and money.

The company said this season's most dangerous terms are: Kinect for Xbox; Call of Duty: Black Ops; Jewelry; Amazon Kindle; Toys; Black Friday Deals; Cyber Monday Deals; Toy Story 3; Susan Boyle; and Apple iPad.

Shop on Secure Websites

5. Go directly to retailer or corporate sites.

During the holidays, consumers get flooded with e-mail messages promoting special sales and offers.

But McAfee's Dang warned that, whenever possible, go directly to the company's website, instead of clicking on links in e-mails.

Cybercriminals increasingly launch so-called phishing sites, which emulate a commerce site or retailer, but actually are designed to steal personal information.

He also said that if you get an e-mail from credit card companies, you might be better off calling the company directly than clicking any links provided.

"Rather than replying back to e-mail or correspondence that are suspicious, go straight to the source," he said.

6. Make sure sites are secure.

Before you key in your credit card information, make sure the website you're using is secure.

Look in the address box in the browser for the "s" in "https://" and in the lower-right corner for the lock symbol.

ABC News Live

ABC News Live

24/7 coverage of breaking news and live events