This year, mega shopping event ‘Black Friday’ falls on November 23, closely followed by ‘Cyber Monday’ on November 26. At this time of year, with Christmas on the horizon, retailers tempt online customers to their websites with bargain offers and special deals.
Shopping online can be a quick and convenient way of bagging a bargain, but while we’re busy shopping, criminals are even busier taking advantage of the sales frenzy. As a result, we often see an increase in crafty phishing scams, fraudulent websites, and other tricks designed to line fraudsters’ pockets.
Don’t let a cyber-criminal ruin your festive season – here are three common online shopping scams:
The offer alert – SPECIAL OFFER! AMAZING DEAL! ACT NOW!
You might get an email or text about an amazing bargain, an e-voucher, or this year’s must-have gift. Resist the temptation to click on the link, and instead make sure you close the email or text, and look for the offer details on the retailer’s official website. And if you get an email about any of your online accounts – warning you about an unusual transaction or saying there’s something wrong – open your internet browser and go to the genuine log-in screen to access your account. Don’t log in straight from the email.
“Sorry we missed you”
Beware of emails, messages and even cards through your letterbox appearing to be from the post office or delivery firms about packages you’re not expecting. It might tell you that you’ve missed a delivery or there’s been a problem with your order, and ask you to enter your details or open a document online, or call a number (which could be charged at a premium rate). Use the retailer’s website to track your orders and monitor deliveries, and never open documents in emails that you’re not expecting.
The fake website
Cyber criminals are experts at creating websites that look identical to your favourite retailers. Hackers can also manipulate search engines (Google, Yahoo!, etc.) to place their own dodgy links near the top of the search results, so keep an eye on the web address you’re clicking on, if using a search engine. And don’t enter your personal details or payment information if you see any signs that the site isn’t trustworthy, for example:
- The site looks poorly designed, unprofessional or has broken links
- You can’t find the business address or the usual sales, returns and privacy policies
- The back button is disabled – so you get stuck on a webpage and can’t go back
- The site doesn’t show a padlock icon in the left hand side of the address bar and the website address doesn’t start with ‘HTTPS’ (the S stands for secure). If it doesn’t have this, it means the website doesn’t use an encrypted or secure connection
Even if none of these warning signs are there, remember the golden rule: If the offer seems too good to be true, it probably is. So, if you’ve found the latest gadget but for a fifth of the normal selling price, it’s likely to be a scam.
If you think you’ve fallen victim to fraud, act fast and report it to the police, to your bank or credit card provider, to the retailer you thought you were buying from, and to ActionFraud.
Information Security Education and Awareness Manager