TMI: Holiday Shopping Survey Shows Consumers Willing to Spill their PII Beans

Share Article

IDentity Theft 911 provides tips for safe spending and a hoax-free holiday

News Image

In song, the 12 days of Christmas include partridges, turtledoves, French hens, calling birds, geese and swans. In reality, scammers fly high on unsuspecting pigeons vulnerable to their holiday hoaxes. And what’s worse is that consumers are willingly giving out personally identifiable information (PII), according to a survey* commissioned by IDentity Theft 911, a leader in identity management and data risk management services, and gFk, a market research company.

Thieves continue to exploit every angle they can to get information from consumers, like phishing emails, fraudulent URLs, and charity scams. Consumers are taking notice of the growing risk of identity theft and have become very concerned about the different tactics thieves are employing. Some of the survey findings show:

  •     When online shopping, more than half of respondents said they would provide personal information that is not typically needed to complete a transaction, like a Social Security number, mother’s maiden name, or birth date.
  •     82 percent of respondents are very concerned about the possibility of identity theft when shopping online
  •     When shopping online, 81 percent of consumers are most afraid of identity theft occurring by credit/debit card fraud. Seventy one percent are fearful of retailer data breaches, 73 percent are very concerned about phishing emails, and 69 percent are very worried about fake charity scams.
  •     Some shoppers have been wary of purchasing something online because they felt the site was not secure, but 53 percent purchased anyway.

Despite these scary statistics, 60 percent of those polled say they don’t take extra precautions during the holidays by checking their bank or credit card information more often than other times during the year.

What should consumers do? If a consumer falls victim to an identity theft scam, they should call their insurance company, credit union, or other financial institution to see if they have access to identity management services. Some of these companies provide proactive and reactive services to their customers for little or no charge.
To avoid getting plucked, IDentity Theft 911 provided these tips for safe spending and a hoax-free holiday:

1.    Pay attention to website URLs. Online searches can lead you to scammer-run websites that unleash computer malware or collect credit card numbers for identity theft. Carefully read website domain names. Watch for unfamiliar vendors or missing letters, misspellings or other tweaks to the name of a legitimate company. Pay special attention to the last letters: For example, indicates a Mongolia-based website, not the legitimate, website for Tiffany & Co.,

2.    Steer past sites that lack clear Terms and Conditions. Before ordering, check the “Contact Us” page for a phone number and physical address, and the “Term and Conditions” link detailing return policies and such. Unlike legitimate vendors, bogus websites are less likely to post these—or they’ll provide them in a suspicious manner, such as via a faxed request only.

3.    Avoid buying untended gift cards. Buy gift cards from a store’s attended Customer Service counter or its website, rather than display racks, which are less secure. Fraudsters can peel off stickers to glean gift card codes, replace them in envelopes and wait for an unsuspecting shopper to buy them. Once purchased and activated, they enter stolen codes at the retailer website to make online purchases – leaving the intended recipient with a useless card.

4.    Shop on https sites only. When buying online, don’t provide your credit card or other information on any page without an “https://” instead of merely “http://”. The “S” is for “secure.” Even with an “https://” avoid using public hi-fi hotspots for online shopping or other financial transactions.

5.    Beware of post-auction offers. When shopping at online auction sites, never trust offers that arrive after you’ve lost a bid, such as when a seller claims to offer you the merchandise off-site.

6.    Take care on Craigslist. At Craigslist or when answering classified ads, deal only with sellers who provide a phone number that you can verify. Don’t rely solely on email correspondence. Assume any request for wire-transfer payment is a scam; also be suspicious of prepaid debit card transactions. Using Paypal or a credit card are your safest bets.

7.    Avoid deals that are too good to be true. Stay clear of prices from private sellers that are too good to be true or tied to hard-luck stories, such as a need to sell quickly because of divorce or military deployment). These are common scams to get advance payment—and you’ll likely get no merchandise.

8.    Beware of holiday e-cards from unnamed friends or admirers. Delete these if you don’t know the sender or even if they’re from These mass-sent greetings likely contain malware. Legitimate card notifications should include a confirmation code to safely open the card at the issuing website.

9.    Avoid emails claiming that FedEx, UPS, DHL or the U.S. Postal Service has an undeliverable package with links for details. The links will install malware that can log keystrokes to steal computer files and passwords. Unless you previously provided an email address, courier services won’t contact you this way.

10.    Don’t fall for an email or mailed postcard about an undeliverable package. Hmmm, funny that the courier has your address but couldn’t provide delivery. This scam baits you to call or click for details—at which point you’ll be tricked into making an expensive overseas call and/or to revealing your personal and financial information. Look up the callback number yourself if you’re curious.

11.    Be mindful of charity scams. Be suspicious of email solicitations unless you have previously provided your email address to a charity. Never give cash to charities. And request proof materials be provided and authenticated before providing a credit card to callers or a check to door-to-door solicitors.

12.    When giving or receiving computer devices, secure them with comprehensive security suite software before use. Do an online check of vendor reputations before installing mobile apps. When transferring files with a flash or portable hard drive, use a secure USB stick that encrypts information.

*The results contained in the survey are based on interviews conducted from October 18 – 20, 2013. A total of approximately 1,000 interviews were completed.

About IDentity Theft 911
Founded in 2003, IDentity Theft 911 is the nation’s premier consultative provider of identity and data risk management, resolution and education services. The company serves 17.5 million households across the country and provides fraud solutions for a range of organizations, including Fortune 500 companies, the country’s largest insurance companies, corporate benefit providers, banks and credit unions and membership organizations. Since 2005, the company has helped more than 600,000 businesses manage data breaches. IDentity Theft 911 is the proud recipient of several awards, including the Stevie Award for Sales and Customer Service and the Parent Tested, Parent Approved award for social networking monitoring tool SocialScout. For more information, please visit, and

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Kelly Santos
Identity Theft 911, LLC
+1 (401) 477-2083
Email >
Visit website