1. When doing online searches for names of popular gifts — or even words like "toys" and "discount" — never click on links before you carefully read the website's address.
Beware of unfamiliar vendors or ones whose addresses have missing letters, misspellings or other tweaks of a legitimate company's name (such as www.tiffanyco.mn instead of the legit www.tiffany.com). Click on these bum addresses and you may be steered to a scammer-run site that unleashes rogue programs known as malware onto your computer. Or you may be taken to a "cybersquatting" site that poses as a legitimate company's online outpost to sell cheap counterfeit goods and collect credit card numbers.
2. Before ordering, check the site's "Contact Us" page for a phone number and physical address and a "Terms and Conditions" page for return policies and such. Bogus websites often don't have those pages at all or have crude imitations (being loaded with grammatical errors is one tip-off).
3. When buying gifts online, don't provide your credit card or other information unless the page's address begins with "https://" The "s" is for "secure."
4. Never trust offers that come after you lose a bid in an online auction. You may be told you can get the same thing offsite. It's probably a scam.
5. At online marketplaces sites such as Craigslist, deal only with sellers who provide a phone number. Call the number and speak with the person. Don't rely solely on email correspondence. Assume that any request for wire-transfer payment means a scam.
6. Don't believe "too-good-to-be-true" prices from sellers who claim to be soldiers needing a quick deal before deployment overseas or cite hard-luck stories. They are common tricks to get advance payment — and you'll likely get no merchandise.
7. Get gift cards only at a store's staffed customer service or check-out counters or at its website. Don't get them at untended display racks in the store, where fraudsters can peel off stickers or use scanners to glean codes. The crooks use the codes to make purchases after you buy the card and have it activated.
8. If you receive electronic holiday greeting cards, delete — without clicking on links — any that are sent by an unrecognized name or an unnamed "friend," "admirer" or even "firstname.lastname@example.org." These mass greetings likely contain malware. Legitimate card notifications should include a confirmation code that you use at the issuing website to safely open the card.
9. Don't believe emails claiming that FedEx, UPS, DHL or the U.S. Postal Service is trying to deliver a package to you, and that you'll get details by clicking on a link. That's another holiday hoax to install malware. Unless you previously provided your email address, courier services will not contact you this way.
10. Did you instead receive a mailed postcard about that "undeliverable" package? This scam baits you to telephone for details. Without knowing it, you're making an expensive overseas call. You may be prompted to reveal personal information. If you think you may truly have missed a package, look up the delivery service's number yourself and call it.
11. Donation drives increase during the holidays but give wisely. Unless you previously provided your email address, assume any email solicitation is a fraud. Never give a credit card number to a person who telephones you. Ask to be mailed brochures so that you can authenticate the organization before you give. Never give cash. Be especially suspicious of cold-call requests from charities that claim to be collecting on behalf of police and firefighters, sick or needy children, veterans, or disaster relief (such as Hurricane Sandy). Those hot-button causes are common scams specifically targeting older donors.
12. When giving or receiving computers as gifts, secure them with comprehensive "security suite" software. If you store files on a flash or portable hard drive, use security software to ensure your information is unreadable if the device is lost or stolen.
Sid Kirchheimer is the author of Scam-Proof Your Life, published by AARP Books/Sterling.