'Tis the Season for Scams

(page 2 of 2)

The key to avoiding these scams is to avoid clicking on such e-mail links altogether. For consumers who do open such links, Keats says that if the URL is unusually long or consists of all numbers, it likely isn't legitimate. Misspellings on the site and grammatical errors are also giveaways.

Even sites without such obvious mistakes can be fraudulent. "Honestly, it is very hard to tell," says Keats. Not surprisingly, he and other experts from security outfits say the best way to avoid such sites is to download their security software. Many security companies, including McAfee, offer basic security software, or at least limited-time trials, for free online.

Gift-Card Scams

Gift cards are a wildly popular way for many retailers to take advantage of the desire to purchase a present rather than buy an item someone will only want to return. In recent years, they have also become a favorite means for criminals to launder money, says David Gilles, director of the anti-money laundering group of Deloitte Financial Advisory Services.

Here's how it works: A criminal uses cash earned by illicit means to buys a number of stored-value cards, such as phone cards or gift cards, to condense the funds and make it easier to hide the source of income. He can then use the cards for transactions under the guise of redeeming a gift from some legally employed friend. More often than not, however, the criminal sells the cards to other people, often at a slight loss. This allows criminals to obtain a more legitimate source of funds, such as a personal check or online bank transfer, which can be used to open a bank account. Consumers who buy the cards, often through online auction sites, believe they are getting a deal.

Online gift-card buyers also risk purchasing cards that someone else has access to. Thieves can rip off the gift-card number while it sits in a store display and when the proper owner uses the compromised card, the funds have often already been spent. One way around this is to avoid buying gift cards off the rack where other people clearly may have had access to them. Gift cards for major retailers are typically not on display.

Fraudulent Charities

It seems particularly heartless for criminals to take advantage of the increased generosity many exhibit during the holidays. But if criminals had big hearts, they wouldn't be trying to steal your money, right? "What you will see is stuff [such as e-mails] from your favorite charity, or a charity that you may not have even heard of but it sounds very compelling," says McAfee's Keats. The e-mails typically link to a fraudulent charity site where visitors can submit their account information or credit-card numbers in order to give funds.

"Win a Free Gift" Sites

Keats calls these sites "breakage" sites. There actually may be a prize at the end, such as a free iPod, but 99% of consumers will close their Web browser before they ever get close to the prize. Owners of such sites make sure that they have included enough hurdles to jump through, such as signing up to receive weekly astrology e-mails or a free trial magazine subscription, to frustrate most consumers.

While not technically a scam—there is, after all, a prize at the end—such sites are designed to ensure that users provide their personal information to spammers and other unknown sources for little chance of a payoff.

Keylogging Programs

Programs that monitor the letters and numbers that people type into Web sites are a particular threat during the holidays. Typically, such programs are unwittingly downloaded by PC users who visit virus-ridden Web sites, open an infected e-mail attachment, or even click on a compromised ad with an embedded virus. Web surfers are not necessarily any more likely to download such programs during the holidays, but they are more likely to be entering financial information into myriad shopping sites. "It's not what you catch today, it's what you caught in September that can hurt you now," says David Perry, Trend Micro's global director of security education.

The best advice to avoid many of these scams, of course, is to exercise common sense. "The Web is the same as real life," says Keats. "If it sounds too good to be true, it is."

Holahan is a writer for BusinessWeek.com in New York .