Following the anticipated increase in scam levels from the Visa Holiday Edition Threats Report, Visa Inc. has released a list of 5 habits consumers can follow to practice safe and secure shopping.
These habits for good security hygiene can guide consumers who are planning to shop this holiday/festive season on best practices to stay safe.
Visa’s 5 tips For Secure Shopping:
- Shop from Reputable Retailers: Stick to trusted and well-known retailers. If you’re considering a purchase from a store you’re not familiar with, do some research to check their reputation and authenticity.
- Secure Your Personal Information: Make sure the website uses secure technology. When at the checkout, the website address should start with ‘https: //’. The ‘s’ stands for secure and means that your data is being encrypted and sent over a secure connection.
- Always Check Details in the OTP Message: Before entering the OTP, verify the purpose of the OTP (e.g., is it for a purchase or issuance of a device token) and review the purchase details such as the merchant name, and transaction amount. Finally, you should not disclose your OTPs over the phone, email, or messenger.
- Avoid Public Wi-Fi for Shopping: Public Wi-Fi networks are often unsecured, which makes it easier for hackers to steal your information. Always use a secure, private internet connection when you’re making purchases.
- Beware of Deals That Are Too Good to Be True: Offers on websites and in unsolicited emails can often sound too good to be true, especially extremely low prices on hard-to-get items. Consumers should be suspicious of such deals, as they often are.
The Holiday Edition Threats Report warns that threat actors will seek to exploit consumers’ increased interest and urgency in finding deals and one-of-a-kind gifts.
Highlights of the report’s findings include:
- Phishing and Social Engineering: The advancement of artificial intelligence (AI) over the past year provides threat actors with the ability to create highly customized phishingcampaigns, making it harder for consumers to spot fakes. Fraudsters also create phishing websites, often using malvertising (malicious advertising) and other illicit search engine optimization (SEO) tactics on retail or service websites to entice victims.
- OTP Bypass and Provisioning Fraud: Visa identified many one-time-passcode (OTP) bypass schemes to gain access to cardholders’ accounts. In this scheme, OTP templates are sent to the consumers that appear to be associated with desired purchase.
- Physical Theft: Threat actors may attempt to physically steal payment cards and/or phones from unsuspecting consumers in crowded retail stores, shopping malls, or parking lots.