ACT NOW Protect Yourself
Educate Yourself
Types of fraud Escrow service complaints Fake check scams that target sellers Security FAQs and incident report links for common social networking sites Security information for common online retailers and payment processorsReport Online Shopping Fraud
If you have problems during a transaction, try to work them out directly with the seller, buyer or site operator. If that doesn't work, file a complaint with:
- The Attorney General's office in your state
- Your county or state consumer protection agency. Check the Blue Pages of the phone book under county and state government.
- The Better Business Bureau
- The Federal Trade Commission (FTC)
Back to top
Report Problems with Online Auctions and Retailers
If you have problems during a transaction, try to work them out directly with the seller, buyer, or site operator. If that doesn't work, file a complaint with:
- The Attorney General's office in your state
- Your county or state consumer protection agency. Check the Blue Pages of the phone book under county and state government
- The Better Business Bureau
- The FTC
Back to top
Protect Yourself:
The latest applications are enabling us to do ever more online, from online networking to sharing content in real-time with friends to bidding on products on auction sites. To continue getting the most out of these exciting new capabilities does not mean you have to be at high risk. By understanding how to transact securely, you can avoid many of the security threats associated with these online venues.
Social Networking
With the growth in popularity of social networking sites such as MySpace, Facebook, and LinkedIn, cybercriminals know these may be very effective means to reach you as an individual user or as an employee of a targeted company. Because social networking sites rely upon the trust among the individuals invited into a trusted circle of contacts, those who use then can tend to be more trusting of those with whom they communicate within these circles.
Users face the threat of impersonators who may lead them to click on links simply by way of their "web of trust," or by maliciously planting links to enticing content. Social networks, by their very nature, are driven by user content: a few bad apples can impact the community as a whole. Be cautious about all unexpected content, including questions, solicitations, hyperlinks, or applications. People may assume that the social networking site owners were involved in creating the application, and lose sight that the content is user generated, and the vast majority of user-generated social networking content receives no review prior to being made available to all. In addition to existing services, now users are able to locate others in the immediate vicinity thanks to location-based services. Users with GPS-capable mobile devices can participate in social networking, making their locations known. Be alert!
- Do not click on links you are not familiar with, even if they come from your trusted circle
- Be wary of applications on these sites, as many of these applications may not be thoroughly vetted for security and may bring an additional level of risk to you when you agree to download and use them. Social networking sites have been hosts to worms, phishing attacks, data theft, spam, and other threats.
- Encourage your friends, family, colleagues, and especially children to be wary of the same unfamiliar links because what impacts one "friend" can impact others in your circle
- Be certain you know who you are adding to your professional networks and be on guard against anyone who attempts to learn more about your colleagues, your company, or what you do. Employees of highly targeted government agencies and companies can be targeted this way and in such non-threatening ways that you may not even be aware you are being targeted.
- With so much information readily available about you, exploiters can take advantage of this to send you a flood of convincing solicitations and communications, a tactic known as social engineering
- Familiarize yourself with the security and privacy settings of social networking sites. Be certain you update the privacy settings on all of your sites to an acceptable level for what you choose to do online. Nobody can dictate a single set of settings for you. But do make use of the settings to control who can see and contact you. Settings include:
- Control over who sees your profile and your personal information, especially your location.
- Control over who can search for you and how you can be contacted.
- Control over your recent activities, which are visible on your friends' pages and your profile
- Control what personal information is available to the applications that you use within the social networking site
- For more information, review Security FAQs and online complaint forms
Back to top
Online Retail and Payments
As with any online website, exercise extra caution to protect your information when you make payments, bank, or shop online. Use strong passwords, report any unusual activity on your accounts, and do not respond to any emails that purport to be from online auction sites, payment processors such as PayPal, or online retailers. If in doubt of the legitimacy of an email, contact the vendor directly by phone and ask.
Back to top
McAfee SECURETM trustmark
Look for McAfee SECURE trustmarks on sites tested daily for hacker vulnerabilities, and in search results annotated with SiteAdvisor technology.
McAfee SECURETM shopping
Enjoy a more secure online shopping experience with thousands of McAfee SECURE sites - each one tested daily for hacker vulnerabilities.
Back to top
Educate Yourself
- Use the FTC's OnGuardOnline "Auction Action" game
- Follow the McAfee recommended Security Best Practices
- Educate yourself and take the McAfee Safe Shopping Quiz
- Learn the Dos and Dont's of Online Shopping
- Visit eBay's online safety tips
- Visit PayPal's online safety tips
- Familiarize yourself with the types of fraud
- Familiarize yourself with fake check scams
- Review security FAQs and online complaint forms
Back to top
Types of Fraud
Most people who complain to the FTC about Internet auction fraud report problems with sellers who:
- Fail to send the merchandise.
- Send something of lesser value than advertised.
- Fail to deliver in a timely manner.
- Fail to disclose all relevant information about a product or terms of the sale.
- Bid siphoning—Con artists lure bidders off legitimate auction sites by offering to sell the "same" item at a lower price. They try to trick consumers into sending money without delivering the item. By leaving the legitimate auction site,, buyers lose any protections the original site may provide, such as insurance, feedback forms, or guarantees.
- Second chance offers—Con artists offer losing bidders of a closed auction a second chance to purchase the item that they lost in the auction. Second-chance buyers lose any protections the original site may provide once they go off-site.
- Shill bidding—Fraudulent sellers or their partners, known as "shills," bid on sellers' items to drive up the price
- Bid shielding—Fraudulent buyers submit very high bids to discourage other bidders from competing for the same item, then retract their bids so that people they know can get the item at a lower price
Back to top
Escrow Service Complaints
Another type of fraud occurs when sellers or buyers pose as escrow services to improperly obtain money or goods. The so-called seller puts goods up for sale on an Internet auction and insists that prospective buyers use a particular escrow service. Once buyers provide the escrow service with their payment information, the escrow service doesn't hold the payment; it is sent directly to the so-called seller. The buyer never receives the promised goods, can't locate the seller, and, because the escrow service was part of the scheme, can't get any money back.
In some cases, a fraudster poses as a buyer and, after placing the highest bid on an item, insists that the seller use a particular escrow service. The escrow service tricks the seller into sending the merchandise and doesn't send the payment or return the goods to the seller.
Back to top
Fake Check Scams Target Sellers
As a seller, you can also a be victim of fraud when buyers send fake checks or money orders that are detected by the bank only after the seller has shipped the goods. A buyer might offer to use a cashier's check, personal check, or corporate check to pay for the item you're selling. Sometimes, the buyer sends a fake check or money order that exceeds the cost of the item that has been purchased. The so-called buyer (or the buyer's "agent") states that he made a mistake, or comes up with another reason for writing the check for more than the purchase price. In either case, the buyer asks you to wire back the difference after you deposit the check. You deposit the check, learn that it has cleared, and wire the funds back to the "buyers." Later, the bank determines that the check is fraudulent, leaving you liable for the entire amount. The checks were counterfeit, but good enough to fool unsuspecting bank tellers.
Back to top
Security FAQs and Incident report links for common Social Networking sites
- MySpace
- Customer support contact (or you can log in to your account to submit a support ticket):
- Reporting Twitter spam, malware or phishing
- Complaint FAQ
Back to top
Security Information for common online retailers and payment processors
- PayPal
- eBay
- eBay Security Center
- Report a security problem
- Report account theft
- Buyer/seller disputer resolution center
- Amazon
Back to top
