#BlackFriday: The Holidays Are Around the Corner, and so Are the Scammers!

Black Friday and Cyber Monday are only days away, meaning we are entering one of the busiest times in the shopping calendar. UK shoppers are expected to spend close to £10bn over this period – a 15% increase from 2020 when the country was in lockdown.

While some may venture out to the high-street to nab the latest deals and bargains retailers have to offer, there will still be a large majority who continue to shop online. Either way, both retailers and consumers must be cautious of the threats posed by cyber-criminals who are looking to take advantage of the spike in online spending and will leverage any opportunity to exploit and conduct fraud.

Shoppers and retailers must be mindful of financial fraud, identity theft, the impersonation of retailers and theft of goods, which are all common at this time of year.

We also see a boom in fraudulent domains being created during the holiday and shopping periods. For instance, between November 1 and 20 2020, Comparitech scanned 267,807 sites, of which nearly 5500 were likely scams or phishing sites. We can expect something similar this year.

These scams can affect people of all age groups, social backgrounds and geographic regions, meaning everyone needs to be vigilant and ensure we don’t give these criminals an early Christmas present.  

These scams come in many guises. For this reason, always err on the side of caution when operating online. To help consumers keep their eyes peeled, here are some examples that have been witnessed in the wild:

1) Cash app scams

You may think you’ve received a gift card over the holidays, but clicking on the link will take you to a bad page where the criminals will try to get your details. Or, by clicking the link, you may have unknowingly downloaded malware onto your system.

Often, these scams are looking to steal your personal information which then gets sold to other cyber-criminals. Make sure any offers or gift cards you sign up for are authentic before giving up any information and double-check the email it was sent from.

2) Survey scams

Who doesn’t want an exclusive reward in exchange for completing a short survey? However, the risks that apply surely outweigh any benefit – be careful  of whom and where you give your details!

3) You’re a lucky winner

If you haven’t entered any competitions, what are the chances you’ve actually won?

Examples two and three are classic examples of the old but very relevant saying: “if it sounds too good to be true, then it probably is.”

4) Extortion scams

If enticing you with offers doesn’t work, how about some good old-fashioned extortion? It’s best just to ignore these sorts of scams – it’s highly unlikely that they have any damaging information and more likely they’re using a blanket scare tactic to trick you. 

5) Package or parcel delivery phishing scams

Mail and courier organizations like to email or text customers about their package’s service status, but cyber-criminals are also using this tactic to phish via email or SMS messages. If you get a message that says the service needs additional money or information (especially if you’re unaware of ordering something in the first place!), it’s likely a scam.

The examples above aim to help consumers identify similar scams when conducting their online purchases. Online shoppers need to feel confident that they are following the correct steps and advice this festive period to reduce the chances of getting scammed. Some more useful tips include:

  1. Protect all account log-in details and avoid reusing them

    If possible, use a password manager and enable multi-factor authentication for added protection.

  2. If you suspect a phishing email, report it to the email provider

    Email inboxes will be filled with promotional emails, but these could easily contain malware and suspicious attachments. Therefore, if you suspect a phishing email, report it to the email provider if they have such a capability. If not, report it to whoever your local body is – for those in the UK, forward the suspicious email to report@phishing.gov.uk.

  3. Conduct due diligence on the website you are ordering from

    Ask yourself, are you making an order from a reputable retailer? Are there examples of clear spelling or grammar mistakes? Is there a corporate email address visible?

  4. Only provide the necessary information to carry out the order

    If the retailer asks unusual questions or makes out-of-the-ordinary requests to process the purchase, do not proceed!

  5. Are there reviews available regarding the retailer?

    See what other consumers have had to say online – a quick search on Google, Facebook or Twitter can prove fruitful as there is a high probability that someone else has left helpful feedback.

  6. Use a secure, protected payment provider

    Lastly, when making a payment, avoid using money transfer services as this is a highly uncommon way to make a purchase. Once payment is made, verify that it has gone through correctly by checking your bank statements.

By following this guidance and remaining vigilant ahead of Black Friday and the festive period, you will be going a long way to ensuring you have a pleasant shopping experience.

What’s Hot on Infosecurity Magazine?