It’s Diwali, a time of light, a time of togetherness, and, of course, a time of celebration. Along with Diwali comes the traditional acts of dana and seva, as well as gift-giving to the friends and family members they honor and love. However, it’s also a time when thieves get busy—where they hop online and take advantage of all that goodwill with all manner of scams.
It’s unfortunate yet true. Thieves flock to where the money is, and plenty of money gets exchanged online during Diwali. As you shop online for that thoughtful gift or to donate online to a cause you care about, keep an eye out for the scams that these thieves set. Because they’re out there.
Yet you have several ways you can spot their scams, along with several ways you can protect yourself further from them. The thing is, online thieves tend to use the same old tricks, which means a sharp eye and a little prevention on your part can keep you far safer during Diwali.
For starters, let’s look at some of the most common scams out there.
Top online shopping scams to avoid during Diwali
1) The bogus website scam
A classic scammer move is to “typosquat” phony email addresses and URLs that look awfully close to legitimate addresses of legitimate companies and retailers. So close that you may overlook them. They often appear in phishing emails and instead of leading you to a great deal, these can in fact link you to scam sites that can then lift your login credentials, payment info, or even funds should you try to place an order through them.
You can avoid these sites by going to the retailer’s site directly. Be skeptical of any links you receive by email, text, or direct message—it’s best to go to the site yourself by manually typing in the legitimate address yourself and looking for the deal there.
2) The hot deal scam
In some cases, thieves will set up shopping websites that offer a popular or hard-to-find item at a great price. Yet if the pricing, availability, or delivery time all look too good to be true for the item in question, it may be a scam designed to harvest your personal info and accounts—because, surprise, they don’t have the item at all. The site will take your payment, yet you’ll never receive the item. What’s more, the scammers will have your payment info and address, which they can use to cause further harm.
Use caution here before you click. If you’re unsure about a product or retailer, read reviews from trusted websites to help see if it’s legitimate. You can also use a service like Who.Is and see how recently the site was created. If the site was only put up very recently, it could be a sign of a scam.
3) The fake charity scam
In the spirit of dana, donating to charities makes for a popular Diwali gesture. Scammers know this too and will set up phony charities to cash in. Some indications that a phony charity has reached you include an urgent pitch that asks you to “act now.” A proper charity will certainly make their case for a donation, yet they won’t pressure you into it. Moreover, phony charities will outright ask for payment in the form of gift cards, wire transfers, money orders, or even cryptocurrency—because once those funds are sent, they’re nearly impossible to reclaim when you find out you’ve been scammed.
There are plenty of ways to make donations to legitimate charities, and the NGO Darpan site offers resources that can help you make an informed choice.
4) Prize and gift scams
Whether they come to you by email, direct message, or text message, scammers will blast out phoney prize and gift notifications during Diwali. And of course, there’s a catch. To claim your “prize” or “gift,” the scammers require you to fill out a questionnaire. Once again, there’s no gift or prize in play here. Just a thief on the other end attempting to steal your personal information to commit other fraud down the road.
Look out for these scams, as many have URLs that end in .cn (the Chinese domain). Both .xyz, and .top are popular URL domains for these scams. Several can look quite legitimate, yet if you haven’t entered in a legitimate contest, drawing, or lottery yourself, there’s a very good chance this is a scam.
Avoid getting scammed during Diwali
Aside from knowing how to spot scams, you can take several other preventative measures that can keep you safe as you shop, donate, or simply spend time online.
Stick with known, legitimate retailers and charities online
This is a great one to start with. Directly typing in the correct address for online stores and retailers is a prime way to avoid scammers online. As mentioned in the bogus website scam and the prize scams above, thieves will often create web addresses that look nearly identical to legitimate addresses of well-known companies hoping that you won’t look closely at them, then click or tap that bad link.
If you get an offer sent to you via email, text, or any other message, don’t click the link. Visit the site directly and look for the offer there.
Look for the lock icon in your browser when you shop
Secure websites begin their address with “https,” not just “http.” That extra “s” in stands for “secure,” which means that it uses a secure protocol for transmitting sensitive info like passwords, credit card numbers, and the like over the internet. It often appears as a little padlock icon in the address bar of your browser, so double-check for that. If you don’t see that it’s secure, it’s best to avoid making purchases on that website.
Use a VPN if you’re shopping on public Wi-Fi
Public Wi-Fi in coffee shops and other public locations can expose your private surfing to prying eyes because those networks are open to all. Using a virtual private network (VPN) encrypts your browsing, shopping, and other internet traffic, thus making it secure from attempts at intercepting your data on public Wi-Fi, such as your passwords and credit card numbers.
What’s more, a VPN masks your whereabouts and your IP address, plus uses encryption that helps keep your activities private. As a result, companies and data brokers can potentially learn far less about you, your shopping, your travels, your habits, and any other information that they could possibly collect and otherwise profit from.
Use protection while you shop online
A complete suite of online protection software like McAfee can offer layers of extra security while you shop. In addition to the VPN, identity, credit monitoring, and other features mentioned above, it includes web browser protection that can block malicious and suspicious links that could lead you down the road to malware or a phishing scam—along with a password manager that can create strong, unique passwords and store them securely as well. Taken together, McAfee offers all-in-one online protection for your identity, privacy, and security that can keep you far safer when you shop online—and as you spend your time online in general.
A brighter, safer Diwali for you and your family online
If celebrating Diwali takes you online in any way, keep an eye open for the scams that typically pop up this time of year. Sadly, they’re out there, because it’s such a prime time of year for online shopping, gift-giving, and donations.
As you can see, thieves use several types of common scams that simply dress themselves up in different ways. Taking a moment to pause and consider what you’re seeing before you click or buy can help you spot those scams.
Further, using online protection software can help you stay safer still with features that make your time online more private and secure while also preventing you from clicking on any of those malicious links or attachments that crop up during Diwali—and any time of year.
The post Protect yourself from scams this Diwali appeared first on McAfee Blog.
More Stories
The AI Fix #30: ChatGPT reveals the devastating truth about Santa (Merry Christmas!)
In episode 30 of The AI Fix, AIs are caught lying to avoid being turned off, Apple’s AI flubs a...
US and Japan Blame North Korea for $308m Crypto Heist
A joint US-Japan alert attributed North Korean hackers with a May 2024 crypto heist worth $308m from Japan-based company DMM...
Spyware Maker NSO Group Found Liable for Hacking WhatsApp
A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse...
Spyware Maker NSO Group Liable for WhatsApp User Hacks
A US judge has ruled in favor of WhatsApp in a long-running case against commercial spyware-maker NSO Group Read More
Major Biometric Data Farming Operation Uncovered
Researchers at iProov have discovered a dark web group compiling identity documents and biometric data to bypass KYC checks Read...
Ransomware Attack Exposes Data of 5.6 Million Ascension Patients
US healthcare giant Ascension revealed that 5.6 million individuals have had their personal, medical and financial information breached in a...