Black Friday, a tradition starting in America and spreading globally. Each year it sees a huge spike in online purchasing, but with that also comes a huge rise in fraud. Here are some common scams to look out for, and how to best protect yourself from them in both a personal and business context.
Online account stealing
This one highlights a good reason to make sure your passwords are different for every account you have. In this type of scam, cyber criminals are looking to gain access to online accounts which have payment details attached to them, so they can buy things using your card details.
Often once they gain access, they will change passwords, leaving you unable to do anything about their takeover. Usually they will do this by using details they’ve gleaned from data leaks. They have sophisticated tools which can try your login details across many sites at once. So if you have the same email and password for multiple accounts, they may be able to do this to you more than once, in one single hit.
How to reduce the chance of falling victim to account takeover scams
- Have strong and unique passwords for each account you use
- When given the option to save card details in your online account, select ‘no’ and input them manually/ from your device’s saved details instead
- Use two-factor authentication wherever you can. This usually means getting a text message with a code, allowing you to log in and adds an extra layer of protection against hackers.
Fake courier emails
With so many parcels flying around this time of year, whether it’s from Black Friday shopping or buying Christmas presents, scammers often try to take advantage by sending phishing scam emails to your inbox, hoping you’ll be so busy and confused about the number of parcels due to be delivered to you, that you might miss that it’s a scam.
Scammers will often send fake texts or emails containing links. They may be pretending to be a courier offering tracking information, or claiming that you’ve missed a delivery and need to follow the link to reschedule delivery.
Clicking the link or opening attachments can lead to malware infecting your device, or you may be directed to a login form so they can gain your personal details. This applies to business deliveries as well as personal ones.
How to spot phishing emails
As well as having good spam filtering on your email which should send the majority of these messages to junk, one of the best ways you can tell if an email is legitimate, is by clicking on the sender name and finding out the email address it was sent from. If it was legitimate, usually it would be something like info@.com, but fairly often it’s a weird email address used solely for scamming people.
If you think your team could use some training when it comes to spotting potential phishing scams, we offer phishing simulation tools to businesses that can help highlight weak spots where training would be best-served.
Using cards for phone transactions
When you pay for something over the phone, you don’t need pin details. This scam is often referred to as the ‘card not present con’ and it’s when someone steals your card information, and then uses it to pay for something over the phone.
This can be done by gaining access to accounts, as well as people finding lost cards, or pieces of paper with card details written on it.
Nationwide Building Society have confirmed that this accounts for a quarter of all fraud they deal with.
Although you can reduce the chance of this happening to you by freezing lost cards and not saving card information directly into online accounts, it’s also a good idea to regularly check your card and bank statements for any transactions you might not recognise. Often with this kind of fraud, they’ll start by making a small purchase for a couple of pounds to see if you notice that, before attempting to purchase bigger items.
Another big thing to look out for is if you get sent a code, usually via text, or are asked to verify a purchase, when you haven’t bought anything. Never give this kind of code to anyone! That’s there to add a layer of protection, if you give out the code, someone else can verify the purchase they’ve made using your card details.
Bad deals
This is slightly different to the other points about cyber criminals, but it is always worth remembering that if something sounds too good to be true then it probably is.
Often something that seems like it might be a good deal, only seems that way because the price of the item was inflated before Black Friday sales started, making it not really a deal at all. It’s well-worth bearing this in mind, because online shopping from marketplaces like Amazon, Temu, Shein, can lead to buying fake goods, or it may seem like you’re buying one thing when you’re actually purchasing another.
For example you might think you’re buying a cheap piece of furniture, when actually it’s for a doll’s house!
Stay safe and scam free this holiday season! And if you’d like any advice on general security and making sure your team are up-to-speed to protect your business, get in touch – we’d love to have a chat with you.
Further Reading: Online Rise of Temu Marketplace