The holidays are the busiest time of year for online shopping and as you browse the deals looking for the best buys, cyber criminals are online looking for you, hoping you'll make a common mistake.
Online scams are at record levels this holiday season. Cyber-thieves are sending emails, setting up fake store fronts and doing other things to steal your information or put malware on your computer.
We talked with FBI Special Agent Scott Augenbaum who studies the criminal activity and tactics of cyber-thieves. He gave us 3 do's and don'ts when it comes to online shopping this holiday season.
The first tactic will be used in a large-scale beginning on or around December 15th.
"The bad guys are going to start sending out emails that are going to say, 'your package has been delayed in shipping.' Augenbaum says the emails look legitimate.
'It's going to come from UPS, It's going to come from FedEx, it's going to come from DHL or any of the companies you've dealt with," Augenbaum explains.
"Go to the website and log-in. Do not click on the links. If you click on one of those (bad) links, a malicious piece of malware will be installed on your computer; that malware will run in the background and it's only purpose is to steal your username and password."
If you use the same username and password for multiple accounts, as most people do, the thieves will have access to any account with the same credentials.
Augenbaum said another best practice is for shoppers to use a credit card rather than debit when they're checking out.
"A debit card is attached to your bank account, a credit card is not," said Augenbaum. "If your credit card is compromised online you're not responsible for anything more than the first $50 and that's if you're quick enough."
"If you use your debit card you are going to get your money back from your bank but it will take a little bit of time," he said.
The third recommendation from the FBI is to shop at online retailers you know and trust. Large companies such as Amazon, WalMart, Best Buy and Target spend millions of dollars to protect your information, and while there's no guarantee there won't be a problem, stores you've never heard of pose another risk.
"There are times the bad guys are putting up store fronts that look really good. And you're going to find some outlet when you search for a product, it's going to pop up as a #1 site for this gift that you want," he said.
"If you do a little bit of checking, you're going to find out this place doesn't really exist."
Shoppers who enter their credit or debit card information on those sites have placed all of their information right in front of the bad guys.
Augenbaum suggests on any online search, hover over the web address and look in the lower left hand corner of the browser to see where your click will take you. Many times crooks disguise the web address.
"Is it going to a website, .ru instead of .com," he explains. ".Ru is a Russian web domain while .cn is for websites in China. Those countries are responsible for a large number of cyber-criminals that target U.S consumers and businesses.
Other shopping suggests: