Kimberly Palmer

With more shoppers than ever turning to mobile devices and computers for holiday shopping, many are inadvertently leaving themselves vulnerable to online fraud and scams. Here are 10 ways to avoid becoming a victim this holiday season:

Stay away from fishy-looking sites.

You can't always tell when a website isn't legitimate, but red flags include poor design, a strange or nonsensical web address, and multiple pop-up windows that you can't close. If you notice any of these suspicious signs, stop shopping and close your browser windows.

Avoid clicking on hyperlinks embedded in emails.

The Better Business Bureau warns that legitimate businesses don't send emails asking for follow-up financial information. If an email, even one that claims to be from a familiar retailer, asks you to visit an outside site, don't do it -- it could be redirecting you to a scam site. Instead of clicking on a hyperlink, type in the web address that you want to visit into your browser.

This year, BBB warns consumers about emails coming from the "National Automated Clearing House Association" that ask recipients to click on a link or open an attachment. In reality, the email is from scammers, not NACHA, which does not send emails regarding individual transactions. Clicking on the link or opening the attachment can result in stolen bank information.

Shop on secure websites only -- including on smartphones.

Adam Levin, founder of and Identity Theft 911, suggests looking for "https" instead of just "http" in the address bar. Also, make sure your computer's anti-virus software is up to date, he says, since you can come across some unwanted viruses when surfing online for deals and good buys.

In addition, be wary when shopping from mobile devices, since they often lack anti-virus software. Security firm BitDefender reports that shopping with mobile devices -- as 6 in 10 shoppers plan to do -- can come with a new set of security challenges, since shortened URLs can more easily trick shoppers into visiting harmful sites. Also, public Wi-Fi access is convenient, but it can also leave your personal information accessible to hackers. Avoid entering passwords and credit card numbers while in public hotspots.

Never, ever give your Social Security number to anyone online.

If a site asks for it during the checkout process, it's probably a scam site, says Levin.

Take advantage of the automatic identity theft protection that comes with many credit cards.

That's one reason to use your credit card instead of debit card or cash for holiday shopping. If you see erroneous charges on your statement, call your credit card company, which should investigate on your behalf.

The Better Business Bureau points out that credit card companies are required to allow shoppers to dispute charges, and many companies cover charges made on stolen cards. Don't forget to check your credit card statements frequently (don't just wait until you get your monthly bill) because many card companies have time limits on when customers can dispute charges.

Change up your passwords.

Consumers are asked to remember dozens of passwords for various retailers, banks, and accounts, and it's almost impossible to remember them all -- especially since they often include mixes of numbers and letters. Either keep careful track of your passwords in a secure document, rely on mnemonic devices to boost your memory, or come up with some other clever strategy. But don't stick with simple passwords that are easy for strangers to guess.

Review your rights.

The Better Business Bureau reminds shoppers that if products aren't shipping on time, consumers have the right to cancel the order and get a refund. They can also reject merchandise they deem defective or misrepresented.

Avoid strangers on social media.

This rule is especially important around the holidays, when many retailers use social media to drum up business. Fraudsters also send malicious messages through social networks. BitDefender recommends treating messages from strangers as spam -- just ignore them.

Don't click on fake holiday e-cards.

Festive e-greetings are ubiquitous this time of year, but security firm AppRiver says fake cards can spread viruses. At the risk of being Scrooge, the firm recommends that consumers just delete cards that come from unknown addresses.

Review your statements after the holidays.

Unfamiliar charges on credit card and bank statements are often the first sign of identity theft. If you find an unauthorized charge on your statement, contact your bank or credit card company immediately. Your bank might be able to provide other protective steps as well, such as issuing a new card.


Copyright © U.S. News & World Report