Athens, Ga. - The holidays are a prime time for criminals to take advantage of generosity and trust, but one security proponent at the University of Georgia is urging caution when providing personal information online or on the phone to avoid becoming the victim of a scam.
"Never provide personal information in response to an unsolicited email or telephone call," said Laura Heilman, a security awareness and education manager in the university's Enterprise Information Technology Services office. "If you think the contact is legitimate, you can always investigate online-especially if you are being prompted to spend money."
Heilman offers her advice on some of the scams that people may encounter during the holidays.
One scam is an offer for free gifts cards for $500 or $1,000 from major retailers.
"If you receive a text or an email that offers a free, high balance gift card, delete it," Heilman said. "In addition, be on the alert for incredible gift card deals, like paying $10 for a $25 gift card. It's probably not legitimate."
And on social networking sites, be wary of any gift card offers.
"Don't get caught holding a bunch of counterfeit gift cards or giving away your personal information just to save a buck," Heilman said.
Also, be on the lookout for any coupons that offer high-priced items at "crazy" low prices, she added. Don't download coupons that are attached to emails, or follow links to claim them, as they are likely to include malicious software. Instead, download coupons directly from a merchant's website.
If a company sends an email or text messages stating it couldn't deliver a package, look for the hallmarks of a phishing scam: misspellings, poor grammar, attachments that must be downloaded or links to get information, or threats that the package will be returned to the sender.
"Be cautious of failed delivery notices," Heilman said. "If you receive a shipping update notice, don't click on any links in the email or text message to track your package. Instead, track your delivery by visiting the merchant's site directly."
When it comes to getting solicitations from charities for donations, be on the lookout for fake charities posing as similar-sounding real charities.
"Scammers give fictional charities names that are almost identical to the names of real charities," Heilman said. "For example, ChildFund and the Children's Health Fund are both legitimate charities, but the Child Health Fund is not."
Heilman suggests researching charities online at CharityWatch (www.charitywatch.org). The IRS also has the exempt organizations list available online to research before donating to a charity.
The Office of Information Security at UGA has more information on identity theft and phishing scams available at infosec.uga.edu. The Office of Information Security is a part of the university's Enterprise Information Technology Services. For more information, see eits.uga.edu.