Cyber Monday is looming on the calendar, that date that everyone gets online looking for sales and deals for the holiday season. Accordingly, the scammers and hackers are gearing up too.
In the US, Cyber Monday has evolved as a follow-on to Black Friday, which falls on the day after the Thanksgiving holiday in late November. Black Friday is America’s busiest shopping day of the year, with retailers officially opening up their festive season sales. Cyber Monday, which falls on the Monday after Thanksgiving, has quickly grown to be Black Friday’s equal in retail significance, and has gone on to do so globally. In fact, according to DomainTools, nearly all (98%) of the UK population shops online and nearly a third (29%) plans to shop on Cyber Monday, with regional e-commerce players getting in on the action (despite there obviously being no Thanksgiving holiday weekend for retailers to tie it to).
Along with this enthusiasm however comes risk: In DomainTools’ survey, which queried 1,000 UK consumers, one in five admitted to having already been caught out by an online scam.
“Cyber Monday has grown in popularity year over year, and unfortunately, so has phishing and online counterfeiting,” said Tim Chen, CEO of DomainTools. “A range of techniques are used to trick shoppers into visiting a fake website or clicking on a malicious link. This can result in a shopper unintentionally sharing financial and personal information with these criminals or even downloading ransomware. As shoppers search for Cyber Monday deals, it’s important that they remember to look closely at links and email addresses before clicking.”
When asked if they had ever clicked on a link or email that turned out to be a scam, a fifth of survey respondents admitted that they had. When asked what happened as a result, over a quarter (27%) of victims’ computers were infected with viruses. In addition, 12% had their credit card information stolen, and a further 10% were tricked into buying a false product. Moreover, nearly a quarter know of someone else who has purchased fake goods from a website that they thought was legitimate.
“Email, in-app advertising and SMS campaigns are popular with big brands during the busiest shopping time of the year as a way to let consumers know about deals and the latest products,” said Chen. “The trouble is, cyber-criminals take advantage of this form of communication by combining look-alike branding with a deceptive domain name. They’re able to reach a broad audience and it only takes a few unsuspecting consumers to result in a successful phishing or malware campaign.”
Case in point: This week, a scam impersonating supermarket giant Asda swept across WhatsApp, duping users into clicking on a “coupon” and providing personal information in exchange for a phony £250 voucher.
The brands most likely to be spoofed this November likely correspond with the most popular online retailers in the UK, which according to the survey include Amazon (87%), Argos (46%) and Tesco (35%).
Chen explained how looks can be deceiving—many illegitimate sites look virtually identical to the real thing. This is where looking closely at the URL can make a real difference for staying safe online.
To stay safe, shoppers should first and foremost be paranoid: Assume links are dangerous, navigate directly to a company’s website instead of clicking on links in emails or social media and closely examine URLs and email senders for typos.