Holiday Shopping Alert: Amazon, Other Retailers Warn Customers About Email Scams

HOUSTON, TX — It's an annual tradition: You make your list, check it twice, then hit the internet to make sure you place your orders on time. Dad needs that Houston Astros sweatshirt, mom wants that stylish driving coat, and your wife has her eye on an espresso machine. You check the prices and delivery times and click "buy." Easy, yes, but online shopping has a nefarious side.

This holiday season, Amazon, among other retailers, is warning customers about a scam that's making the rounds, and following a bit of common sense will prevent a lot of hassle and possible expense. Digital crooks are sending emails to individuals stating that a package they ordered cannot be delivered unless further information is provided, including in some cases credit card details. While it might be difficult to believe, people are falling for the scam. In addition, some links when clicked surreptitiously download software to a user's computer that can essentially hold the user ransom, taking over their hard drive until a fee is paid.

Here's the first thing you need to (not) do: Never click a link embedded in an email. If you have questions about something you have ordered, go to the shipper's website and use the tracking number attached to your item or parcel to determine if a problem exists.

“Consumers need to be diligent during the holiday shopping season,” said Caleb Barlow, vice president at IBM Security. “Cybercriminals are trying to entice consumers to click suspicious links by offering deals and tapping into their curiosity. It’s all about following some security basics to keep shoppers safe this shopping season.”

Here are Barlow's top tips to help protect yourself from online scams:

Beware of Unexpected Package Tracking Emails: Be cautious of unsolicited emails. IBM X-Force has identified massive campaigns distributing Locky Ransomware. At one point, the campaign was 45 percent of all spam activity analyzed by the team.

Don’t Save Your Info: Never save your credit card information in retail sites and web browsers. It might make purchases faster, but it could put your card number at risk if the retailer is compromised.

Only Use Trusted Apps: Only download shopping apps directly from the trusted app stores such as iTunes and Google Play. Be especially careful of discount deal apps, especially ones you’ve never heard of. Before downloading the app, check the number of reviews and ratings. If it doesn’t have any reviews or ratings, or a very low number, don’t download it. It might be fraudulent.

Use Caution with Coupon Codes: If the discount looks too good to be true, it likely is. Promo codes from untrusted sources require caution. Don't click links to copy the code; instead, copy it and use it directly on the retailer’s website (even if it's a retail brand you trust). If you must click a link in your email, before doing so, hover over the URL and make sure it’s taking you to the website.

Image courtesy publicdomainpictures.net