The internet continues to reshape the way we shop, with retail apps and social media stores adding to consumers’ online options and the coronavirus pandemic driving people to shop from home in droves. Cybercriminals are keeping pace. Online purchasing is the most common scam type reported to the Better Business Bureau (BBB), accounting for 38 percent of complaints to the BBB’s Scam Tracker in the first seven months of 2020 — up from 24 percent in 2019.

The typical shopping scam starts with a bogus website, mobile app or social media ad. Some faux e-stores are invented from whole cloth, but many mimic trusted retailers, with familiar logos and slogans and a URL that’s easily mistaken for the real thing. They offer popular items at a fraction of the usual cost and promise perks like free shipping and overnight delivery, exploiting the premium online shoppers put on price and speed.

Some of these copycats do deliver merchandise — shoddy knockoffs worth less than even the “discount” price advertised as a once-in-a-lifetime deal on, say, Tiffany watches or Timberland boots. More often, you’ll wait in vain for your purchase to arrive. Reports to the Federal Trade Commission (FTC) of undelivered orders quadrupled from 2015 to 2019, and no-shows reached record highs in the spring of 2020 as the spread of COVID-19 fueled a spike in online shopping. 

And your losses might not stop there: Scammers may seed phony sites, apps, or links in pop-up ads and email coupons with malware that infects your device and harvests personal information for use in identity theft.

Not surprisingly, these frauds flourish during the holiday season. A November 2020 AARP survey on holiday shopping found that while 72 percent of U.S. consumers are concerned about the security of their personal and financial information when buying something online, only 15 percent could correctly answer at least 7 of 10 true/false questions about safe shopping practices. You need not forgo the ease and endless selection of online shopping, but take precautions to make sure you get what you pay for.

Warning Signs

• Bargain-basement prices. Internet security firm Norton says to be on guard if discounts exceed 55 percent.
• Shoddy website design or sloppy English. Real retailers take great care with their online presentation.
• Limited or suspicious contact options — for example, they only have a fill-in contact form, or the customer-service email is a Yahoo or Gmail account, not a corporate one.
• URLs with extraneous words or characters (most stores use only their brand name in web addresses) or unusual domains — for example, .bargain, .app or a foreign domain instead of .com or .net.

Do’s

• Do use trusted sites rather than shopping with a search engine. Scammers can game search results to lead you astray.
• Do comparison shop. Check prices from multiple retailers to help determine if a deal you’ve seen really is too good to be true.
• Do research an unfamiliar product or brand. Search for its name with terms like “scam” or “complaint,” and look for reviews.
• Do check that phone numbers and addresses on store sites are genuine, so you can contact the seller in case of problems.
• Do carefully read delivery, exchange, refund and privacy policies. If they are vague or nonexistent, take your business elsewhere.
• Do look twice at URLs and app names. Misplaced or transposed letters are a scam giveaway but easy to miss.
• Do pay by credit card. Liability for fraudulent charges on credit cards is generally limited to $50, and some providers offer 100 percent purchase protection. Paying by debit card does not off offer such safeguards.

Don’ts

• Don’t pay by wire transfer, money order or gift card. Sellers that demand these types of payments are scammers, and unlike with credit cards or reputable e-pay services, there’s little recourse to recover your money.
• Don’t assume a retail website is safe because it is encrypted. Many scam sites use encryption, indicated by a padlock icon or “https://” in front of the URL, to provide a false sense of security. Use other means, like those listed to the left, to confirm if a site is legit.
• Don’t provide more information than a retailer needs. That should be only your billing information and the shipping address.
• Don’t use sites that require you to download software or enter personal information to access coupons or discount codes.
• Don’t buy from sites that are very new, security software maker Norton recommends. Look for a copyright date, and use the WHOIS lookup service to see when a domain was created.

More Resources

• If you’ve been victimized by an online retail scam, file a report with the FTC and the FBI’s Internet Crime Complaint Center. The FTC website also has advice on safe online shopping.
• Report fishy e-shopping operations to the BBB Scam Tracker, which also lets your search for scams in your region.
• File a complaint with your state’s attorney general and consumer protection agency.

Reprinted from AARP Fraud Watch Network