During the holiday season, you, along with many other people, may use your credit card more than usual.
You might well end up buying various unusual items while you’re about it, by way of getting that perfect gift – something sought-after that you can’t just walk into any old shop and buy, or order online in the normal way.
And if you and the seller can’t figure out a conventional way to handle the payment, you may be tempted to fall back on emailing them your card details so they can process the transaction at their end.
It’s easy to convince yourself that “it’ll probably be OK.”
After all, if you’ve ever done a credit card transaction over the phone, you’ve taken a calculated risk:
- What if the other end writes the information down and doesn’t securely dispose of the paper once they’ve used your data?
- What if they process the transaction on their own PC, unseen, untrusted, and perhaps unpatched?
- What if they just type the data into an email to a third party anyway?
All of those scenarios are worth avoiding, but at least in the case of the first two, you can ask the seller how they plan to process the transaction, and decide whether to risk it on that basis.
On the other hand, no matter how much you trust the seller, you can’t reliably control an email once it leaves your email program or your browser.
That email could end up in the hands of cybercrooks, even if the seller handles it with care once they’ve received it.
Remember: if in doubt, don’t give it out!