Shopping for holiday gifts online? Here are tips for avoiding scams

John Yang:

With the gift giving season just around the corner, shoppers looking for good deals are getting savvier. But so are holiday scammers. One in three Americans say they've fallen prey to an online shopping scam. Just last year, scams involving items that were either counterfeit or never delivered cost people more than $700 million.

Ali Rogin explores these scams with Alissa Abdullah, Deputy Chief Security officer for MasterCard.

Ali Rogin:

Thank you so much for being here. What are some of the most common holiday scams that people should be looking out for?

Alissa Abdullah Deputy Chief Security Officer, MasterCard:

The most common holiday scams are big flashy ads, the big discounts. A lot of times those are things we need to think about. Another common holiday scam may be charitable websites. We're in a time where people are in the season of giving and so you might want to be careful and make sure you verify the website, verify the charity to make sure the charity is a verified charity before you actually donate.

Ali Rogin:

What can people do to make sure those shopping sites, those charity sites are legitimate?

Alissa Abdullah:

So the first thing I tell people to do is take a beat, take a pause, go and do your own research on that website -- on a website. Easiest thing to do. Then you can go and say, I'm going to go on the platform. You need to actually verify the platform as well. Sometimes the website may look good, the charity may sound right, but the platform is a little shaky. So you need to verify all of those things.

I look at the URL to make sure words are spelled right. If you're going to make a payment, you want to use HTTPs because the S on the end of HTTP when you're looking at the web browser, that means secure. So that means when I'm sending money from my computer to the next person it is doing is through a secure tunnel. So those are things got to think about.

Ali Rogin:

Now, MasterCard put out a report that said that nearly half of today's consumers are likely to ignore the red flags of something being a big flashy sale. If there is a really, really lucrative deal behind it, they might just purchase that thing anyway. Why is that? And how should people avoid falling into those kinds of traps?

Alissa Abdullah:

We always want to get the big deal. Well, cyber criminals know that as well. And so when they're thinking about it, they're targeting us with the -- with QR codes, with flashy, you know, urgent, you've got it -- you've got to click this link right now.

Well, actually, you don't have to click the link right now, if you miss that deal one at one store, you'll find it on another. So I always tell people, take a pause, verify, and it is okay. I think that's the suggestion that goes past holiday season.

Ali Rogin:

How lucrative are these scams to scammers?

Alissa Abdullah:

Very, very lucrative. We're talking about a big, big business globally. So you think about it from the good person's perspective, the cybersecurity, you know, industry's perspective, we have to get it right every single time.

The scammer has to get it right once or twice or maybe 10 times, and they've got a big paycheck coming in, and we take note of that. And we use a lot of tools in the background to make sure that we are fighting. Not just fighting and detecting, but we're also preventing. We know now with AI, how we can prevent fraudulent transactions, how we can detect a card has been compromised before you even know it's compromised. So it's a tricky time now, but we've got all the tools in place to help us with that.

Ali Rogin:

Well, and without asking you to reveal too much about the sources and methods that you use, what are some of those tools? What is a company like MasterCard doing to keep their customers safe?

Alissa Abdullah:

We are taking, you know, before we would take a certain amount of data that we had, we would triangulate that data and then we could, from that information, say, huh, this appears to be fraudulent.

Now, AI has given us leaps and bounds, and we've been using AI for the past two decades. I mean, when you think about threat intelligence, when you think about looking at patterns and pattern recognition and knowing, hey, is Ali really in Bahrain making this purchase? You know, no, she actually isn't. She actually isn't. Those are things that we look at.

But now we've got more data points about your transactions, about, you know, all of the information about stores, about your patterns, your habits that we can put together and matter in a matter of seconds to help make a decision on whether that transaction is fraudulent or whether it's real.

Ali Rogin:

What's your advice for people who might be unfamiliar with the degree to which AI is playing a role in their purchases?

Alissa Abdullah:

You know, people are already, I think, using AI now in order to think through, what do I want to buy my spouse. Right. Well, when you think about it from the other perspective, AI is being used to target people. AI is being used to fake, not just websites, but your voice, your dialect, your intonation, your emails. So

there's a balance. There's two things that are happening here. We're using it for the good on the good side and being, you know, for our level of convenience. But then we're also the -- the adversary is also using it on their side. And so luckily we've got tools in place, we've got mechanisms in place, and then we've got conversations like this to remind people, slow down, watch, turn on your notifications, know what's coming out of your account, things like that, so that you know, you can stop things on your own as well.

Ali Rogin:

Alissa Abdullah, Deputy Chief Security Officer for MasterCard, thank you so much.

Alissa Abdullah:

Thank you.