Buy Now, Pay Later Platforms

It’s worth briefly discussing the rise of buy now, pay later (BNPL) tech platforms like Affirm, Klarna or AfterPay that are increasing in popularity with their promises to help lower-income shoppers finance purchases over time.

Typically, a merchant will ink a contract with one of these tech companies to offer their payment option at checkout. The premise is simple – split a larger bill into even installments, usually four payments spread out over several months, to allow customers more time to pay off their bill. It’s better than a line of credit, since it doesn’t require a credit check and most of these sites don’t charge extra fees or interest. An August survey by Consumer Reports found that 28% of Americans paid using BNPL, up from 18% in January.

But sometimes the affordable trade-off comes with a hidden price. Sometimes these are literally hidden fees, buried in the company’s loan terms; so be sure that if you set up auto-pay you have adequate funds, otherwise you may be on the hook for up to $10 per missed payment.

Unlike the seller, BNPL app or even the deliverer, there’s usually no insurance for buyers. Some have reported being on the hook for payments even after their item failed to be delivered. Right now, the Consumer Financial Protection Bureau doesn’t give buyers legal recourse if their items aren’t delivered or need to dispute billing issues, but changing that would provide customers more recourse if they’re on the hook for missing merchandise.

The biggest way to avoid BNPL issues is to buy outright. But if that isn’t an option, experts recommend you keep a detailed log of when payments are due, and avoid overextending on loans to steer clear of being sent to collections. Once you’re locked into a payment plan, you can’t change it. So be wary if some big withdrawals are coming through on rent day. And, like with any merchant, if they offer BNPL through a non-recognizable third party, simply pay another way.

Blocked and Reported

Identity theft attempts tend to spike during the holidays, so be wary of anyone trying to suss out personal information through social media.

TikTok’s support page notes it will never ask users for their account details. Snapchat also encourages users to never give out their personal information.

If you’re a user of either app and see messages asking for personal details, immediately report them to the app for review. Blocking the user can’t hurt either. To further limit the likelihood of scammers sliding into your DMs, Snapchat recommends users only friend people they know in real life. This is harder on TikTok; most users don’t know the people they follow personally, so on that app it’s prudent to be extra wary of new connections.

Two-Factor Authentication

Definitely turn this setting on across all accounts. Two-factor authentication (2FA) is one safeguard against being hacked. It can be found in nearly every app’s settings; and works by sending a passcode to your phone or email that grants access to your account after inputting a password.

2FA isn’t foolproof, however. If someone hacks an account they can change the 2FA number to another one. But it’s a useful extra layer of security and many apps recommend you turn it on.

Also, when shopping online, use a private secure network if possible, and do so on a computer with an antivirus software installed. Public networks are much less likely to have safeguards to deter hackers, though if you’re forced to use one, try installing a VPN (like one of these) which can provide additional security.

Password Managers

Another key way to avoid being hacked is to use a password manager. While it might seem risky to have all your passwords aggregated on one app, it’s also a useful way to ensure all your accounts have passwords long and random enough for even the most astute AI to take awhile to hack.

There’s a few decent paid apps out there doing this. 1Password is a good one (not sponsored, I just enjoy their interface), mainly because it can sync with an iPhone’s biometric data sensor to scan your face and auto-fill passwords on certain sites after you input your master password. To be fair, no platform is completely immune to hacks. But using a random password generator is much more secure than each password being a slight variation of the other for memory’s sake.

Avoid Phishing

Phishing scams, or scams that bait users into clicking a fraudulent link or attachment, are all too common during the holidays. Often the target is to surreptitiously install malicious software on your device to steal data.

Be wary of any link sent to you as well. Especially if it masquerades as something useful, like a package tracking link. When ordering gifts this season, make a detailed list of the sites you bought them from and which carrier the site says they use when shipped, and only use this site when looking for updates. Don’t, for example, assume that a text claiming to be from UPS with a package update is real.

The same goes for advertisements. On TikTok in particular fake ads are all the rage and it’s too easy to click something that looks interesting without thinking. To be extra certain you’re avoiding phishing through ads, if you see an intriguing product on social media, simply go to the brand’s website and buy there, instead of being routed through the link.

Another red flag to be aware of is if a merchant requests alternative payments like cryptocurrency, a wire transfer or gift cards – this is almost a sure sign they’re conducting illegal business and looking to obfuscate their activity.

Also, as with any type of malfeasance, the old adage of “see something, say something” applies to online scamming.