You swiped your card -- and they swiped your data.
The credit and debit card numbers of around 40 million people were stolen in a massive data breach at the Target chain of stores, just as the holiday shopping season shifted into high gear. Customers who made purchases by swiping at terminals in its U.S. stores between Nov. 27 and Dec. 15 may have had their names, credit and debit card numbers, card expiration dates and the three-digit security codes stolen, the company said.
The data breach did not affect online purchases, however, which may have shoppers turning in even greater numbers to the web. But online shopping has its own hazards. Here’s how to shop safely this year.
1. Use Familiar Web Sites
Start at a trusted site rather than shopping with a search engine. Search results can get rigged to lead you astray, especially when you drift past the first few pages of links. If you know the site, chances are it's less likely to be a rip off. We all know Amazon.com and that it carries everything under the sun; likewise, just about every major retail outlet has an online store, from Best Buy to Home Depot. Beware misspellings or sites using a different top-level domain (a .net instead of a .com, for example)—those are the oldest tricks in the book. Yes, the sales on these sites might look enticing... that's how they get you into giving up your info.
2. Look for the Lock
Never ever, ever buy anything online using your credit card from a site that doesn't have SSL (secure sockets layer) encryption installed—at the very least. You'll know if it has it because the URL for the site will start with HTTPS:// (instead of just HTTP://) and an icon of a locked padlock will appear, typically in the status bar at the bottom of your Web browser. Never give anyone your credit card over e-mail. PayPal, however, is still a good, safe way to make a payment.
3. Don't Tell All
No online shopping store is going to need your social security number or your birthday to do business. But if a bad-guy gets them, combined with your credit card number for purchases, they can do a lot of damage. When you can, default to giving up the least amount of information.
4. Check Statements
Don't wait for your bill to come at the end of the month. Go online regularly during the holiday season and look at electronic statements for your credit card, debit card, and checking accounts. Make sure you don't see any fraudulent charges, even originating from sites like PayPal (after all, there's more than one way to get to your money). If you do see something wrong, jump on the phone to address the matter quickly. In the case of credit cards, don't pay the bill until you know all your charges are accurate. You have 30 days to notify the bank or card issuer of problems, however; after that, you might be liable for the charges anyway!
5. Inoculate Your PC
Bad-guys don't just sit around waiting for you to give them data; sometimes they give you a little something extra to help things along. You need to protect against such Trojan horse malware with regular updates to your anti-virus program, something like Norton Internet Security or Bitdefender Total Security.