How to protect yourself from holiday scams

LOS ANGELES — Between planning, shopping, partying, traveling, cooking, cleaning and generally making merry, it can be easy to let your guard down during the holidays. Well over 50% of cyber scams are perpetrated between Thanksgiving and New Year’s, according to cybersecurity expert and What the Hack podcast host Adam Levin.

Whether it’s clicking bad links or opening malicious attachments, “because people are in the holiday spirit and sometimes they’re desperate to get gifts for people because time is running short, and they have so many other things to do, they’re inclined to be a little looser with their cybersecurity when they should actually be more concerned about it than ever before.”

We asked Levin to walk us through the proactive steps consumers can take to prevent unauthorized charges and identity theft.

Use a credit card, not a debit card

With a credit card, it’s the bank’s money. With a debit card, it’s your money, and that’s the gateway to your bank account, Levin said. “Even though debit cards are becoming stronger in their protections, the fact is that credit cards are still stronger.” Levin recommends reviewing bank account and credit card statements on a daily basis.

Use long and strong passwords

Do not use silly or simple passwords like “12345” or “password” because they are easy to decipher, Levin said. Also, do not use the same password across a spectrum of websites because when one of those sites experiences a security breach, that password could be available on the dark web.

Levin suggests checking the website HaveIBeenPwned.com to find out if your personal information has been disclosed and where it’s available. Levin recommends using multifactor authentication wherever possible. That’s the system that requires a second, temporary number sent to a trusted device after logging onto a website, providing an additional layer of protection.

Verify links before clicking on them

Shoppers need to be careful about any link or attachment they receive. “Make sure you know where it’s coming from,” Levin said. Oftentimes, bad links are forwarded from a trusted source such as a friend, family member or co-worker who doesn’t realize it includes malicious software. Clicking on a link you haven’t verified could take you to a clone site that steals your personal information or prompts malware to be placed on your computer.

Verify apps before downloading them

Before you download any app, read reviews and pay particular attention to the negative reviews, Levin said. “When people feel that something is not right, they get very loud.”

Consider freezing your credit

Before you begin shopping this holiday season, you can prevent people from setting up a credit account in your name by freezing your credit in advance. “If someone were to get your information while you’re cluelessly wandering along, buying and happily purchasing things, they could use that information to enrich themselves.” Freezing your credit with the three main credit-reporting agencies — Experian, TransUnion and Equifax — will prevent that from happening. And if you need to tap more credit for yourself, you can temporarily thaw it.

Monitor your credit scores

If your credit score suddenly drops during the holiday season and you can’t explain it, it’s because of one of three reasons, all of which you should be aware of, Levin said. Either you’ve used too much of your available credit, you haven’t paid a bill on time or you’re a victim of identity theft, which could be a life-destroying event if it isn’t caught quickly.

Sign up for transactional monitoring on bank accounts

Many banks and credit cards offer their customers the ability to monitor their financial accounts, so they are notified whenever there’s any activity on their credit card or bank account. If you see activity that isn’t yours, then you’re able to notify the retailer and credit reporting agencies.

Beware of public Wi-Fi

People should not use public Wi-Fi for anything other than browsing, Levin said. If you’re going to do any sensitive transactions, make sure you are operating from a mobile provider’s hotspot or a virtual private network.

Sign up for identity damage control programs

A lot of people don’t realize their insurance company, financial institution or human resources department where they work may offer a program to help you through an identity theft incident. Levin recommends asking if they have programs to help if you become a victim of an identity incident and if you are automatically enrolled or need to sign up.