We’re not the only ones looking forward to the big holiday sales like Black Friday and Cyber Monday. Hackers are too. As people flock to retailers big and small in search of the best deals online, hackers have their shopping scams ready.
The Human Element of Cybercrime
One aspect of cybercrime that deserves a fair share of attention is the human element. Crooks have always played on our feelings, fears, and misplaced senses of trust. It’s no different online, particularly during the holidays. We all know it can be a stressful time and that we sometimes give in to the pressure of finding that hard-to-get gift that’s so hot this year. Crooks know it, too, and they’ll tailor their attacks accordingly as we get wrapped up in the rush of the season.
→ Dig Deeper: Unwrapping Some of the Holiday Season’s Biggest Scams
Spotting Online Shopping Scams
As you hone your skills in recognizing fantastic bargains every Black Friday, it’s equally crucial to familiarize yourself and your family with techniques to detect online shopping scams. Safeguarding your financial well-being during this shopping season requires a combination of savvy shopping and vigilance. Here are some key strategies to help you steer clear of potential online scams:
Email attachments that pretend to be from legitimate retailers and shippers
A standard scam hackers use is introducing malware via email attachments, and during the holiday sale season, they’ll often send malware under the guise of offering emails and shipping notifications. Know that retailers and shipping companies won’t send things like offers, promo codes, and tracking numbers in attachments. They’ll call those things out in the body of an email instead.
→ Dig Deeper: Phishing Email Examples: How to Recognize a Phishing Email
Typosquat trickery
A classic scammer move is to “typosquat” phony email addresses and URLs that look close to legitimate addresses of legitimate companies and retailers. They often appear in phishing emails, and instead of leading you to a great deal, these can, in fact, link you to scam sites that can then lift your login credentials, payment info, or even funds should you try to place an order through them. You can avoid these sites by going to the retailer’s site directly. Be skeptical of any links you receive by email, text, or direct message—it’s best to go to the site yourself by manually typing in the legitimate address yourself and looking for the deal there.
Copycat deals and sites
A related scammer trick that also uses typosquatting tactics is to set up sites that look like a trusted retailer or brand could run them but are not. These sites may tout a special offer, a great deal on a hot holiday item, or whatnot, yet such sites are one more way cybercriminals harvest personal and financial information. A common way for these sites to spread is by social media, email, and other messaging platforms. Again, a “close to the real thing” URL is a telltale sign of a copycat, so visit retailers directly.
A comprehensive online protection software can prevent your browser from loading suspicious sites and warn you of suspicious sites in your search results. Alternatively, a safe browsing software like McAfee WebAdvisor can also add an extra layer of security to your browsing experience.
Counterfeit Shopping Apps
Not every app that you’ll find on your mobile store is legitimate. Some are slyly designed to imitate trusted brands, but in reality, they are there to feed off your personal and financial information. These counterfeit apps can appear professional, which makes them hard to detect. To prevent falling into this kind of scam, it is advisable to use the app link from the retailer’s website. Visit the website using your mobile browser and search for a link to their app on the website. When using Safari on iOS, if the website has an app available, you’ll see a prompt at the top that gives you the option to either open the page in the app or download it if it’s not already on your device.
Moreover, be careful and only download apps from legitimate app stores like Google Play and Apple’s App Store, which have measures to prevent malicious apps. However, some manage to sneak in before they are detected. In this case, check for the publisher’s name and make sure it is the actual retailer you’re looking for. Other indicators of a fake app include typos, poor grammar, and imperfect design.
McAfee Pro Tip: Review a report concerning your app’s access to your personal information to enable informed decision-making for each app. Explore this blog for insights on preventing malicious apps.
The “Too Good to Be True” Offer
The holiday season is a critical time for shopping. Retailers have special offers for a limited time and popular holiday items that are difficult to find, which creates a sense of scarcity. This makes it the perfect time for scammers to launch their schemes. They leverage this urgency and create “too good to be true” offers on their fake sites. If the price, availability, or delivery time seems too advantageous, it might be a scam designed to steal your personal data and money. Therefore, be cautious before you click on any link.
If you’re unsure about an offer or a retailer, take a moment to check their reviews on trusted websites. This can help you discern whether it’s a legitimate deal or a scam. Do not rush into buying an item without doing proper research. Remember, if it is too good to be true, it probably is.
→ Dig Deeper: Online Shopping Festivals – Things to Do Before Clicking on Add to Cart
Final Thoughts
The holiday season is a prime time for online shopping scams. Cybercriminals know that people are in a rush to get the best deals, and they take advantage of this. They use tactics like malware-laden email attachments, typosquatting, counterfeit sites, and apps, and unbelievable offers to trick unsuspecting shoppers. However, by being aware of these schemes and knowing how to spot them, you can protect yourself and ensure a safer online shopping experience.
One key takeaway is to always double-check before clicking on any link or making a purchase. If an offer seems too good to be true, it probably is. Remember to download a trusted protection software like McAfee Total Protection to give you an extra layer of security. It is advisable to use credit cards instead of debit cards while shopping online and consider using virtual credit cards for further protection. Finally, never give in to stress and scarcity. Take your time to make informed decisions and enjoy a safe shopping season.
The post Spot Those Black Friday and Cyber Monday Shopping Scams appeared first on McAfee Blog.
More Stories
Friday Squid Blogging: Squid Sticker
A sticker for your water bottle. Blog moderation policy. Read More
Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe
OpenAI must also initiate a six-month public awareness campaign across Italian media, explaining how it processes personal data for AI...
Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers
The Security Service of Ukraine has accused Russian-linked actors of perpetrating a cyber-attack against the state registers of Ukraine Read...
LockBit Admins Tease a New Ransomware Version
The LockBitSupp persona said LockBit 4.0 will be launched in February 2025 Read More
Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns
The FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging...
CISA Urges Encrypted Messaging After Salt Typhoon Hack
The US Cybersecurity and Infrastructure Security Agency recommended users turn on phishing-resistant MFA and switch to Signal-like apps for messaging...