The holiday shopping season is upon us and because we’re in the middle of a pandemic, consumers are expected to spend more time doing their shopping online. Retailers will also use their online platforms and apps much more, to offer the best internet deals on popular items this holiday gifting season. Security-wise, however, both add up to increased opportunities for online scams waged by cybercriminals, and an increased risk of people falling for them.
Some of the common techniques that cybercriminals employ to target online shoppers include:
- Incredible deals: Sales and holiday promotions that are too good to be true, which usually are. They’re often advertised on social networks, websites or sent in messaging apps, posted as urgent, time-bound sales to make you feel you have to purchase the offer right away or lose out on the sale.
- Fraudulent sites: Attackers ploy you to click on an ad or a link and it takes you to a malicious website. They often create malicious websites that appear to be legitimate, representing themselves as the actual e-commerce site for your favorite store.
- Phishing: Someone sends you an email or multimedia message, for example, on Messenger or WhatsApp, providing a malicious link to supposedly check into your account and asking you to update your payment information—or they pretend to notify you that they’re having delivery issues, which require you to verify your personal information to expedite delivery of the product. In some instances, they falsely alarm you of a purchase made to your account, which can be checked or rectified by clicking a false link to your account and logging in. With this move, they capture your identity data.
These are only few of the popular schemes used by perpetrators, and they only have one thing in common: to make money out of you by stealing your personal and financial information.
Don’t fall victim to shopping scams!
This holiday season, you need to be extra cautious and on-the-alert to spot these red flags. You can do this easily by following the five tips below, with the assistance of Trend Micro Check—a companion tool that can enhance browsing and buying security by helping you verify or falsify sales information and websites. Trend Micro Check comes as an extension for Google Chrome and a chatbot on Facebook Messenger and WhatsApp on your smart phone (Android or iOS).
1. Avoid direct purchases on social media platforms
Social media is full of irresistible deals and offers. Be on the lookout for fake deals proliferating on social media platforms. For example, one recurring scam is for the PS5 (PlayStation 5), which was sold out after its release. Many folks are still on the hunt for one. For those who are still eager to get one, rather than using official storefronts they begin to consider mass searching in online stores, such as Facebook Marketplace. This behavior is exactly how scammers approach their targets – by posting fake, outrageously good deals for the PS5. You may pay for it, but it’s never delivered, or they only send you the box.
You may also get an offer from a bot on Facebook Messenger or What’s App that includes a link to similar “an incredible offer.” You may bite, thinking you’ve saved a lot of money, but clicking on the ad takes you to a fake website, where they capture your identity and credit card data. The moral of the story? It’s best not to shop from social media platforms, because even if turns out to be legit, there’s often no guarantee when it comes to disputes, returns, or refunds. Shop directly and only on trusted sites.
2. Look out for non-verified sites
It is very important to check the security of the website where you plan to shop. First check if the web address you’re visiting starts with HTTPS and has the security “padlock” symbol next to it. That means it’s secure and the transactions you conduct on the site are encrypted. If it’s only HTTP, the vendor does not use encryption and an attacker may intercept information transmitted to this site. Or you can simply send the website address to Trend Micro Check for immediate verification.
3. Shop with a credit card or payment service
Use a pay service or credit card for all online purchases, not your debit card. You can utilize Apple Pay, PayPal, and services offered by credit card providers such as MasterCard and Visa. They keep your financial information private, away from retailers and from criminals who may be intercepting insecure transactions. They often employ two-factor authentication thru a One-Time-Pin (OTP), to ensure that it’s you who are making the purchase. They also have guarantees if you see fraudulent charges. Many credit cards offer complete protection without the hassle of having your personal finances being compromised while they’re investigating the charge.
4. Be wary of emails requesting information
As mentioned above, attackers may try and get information from you by sending an email and asking you to confirm your account information or delivery issues in your area. Never click links sent to you in an email; instead, directly log into the official website and check your personal details or track your order status there.
While you’re at it, Trend Micro Check also lets you know if your email address has been leaked to the Dark Web. If it has, take precautions against its fraudulent use by changing the passwords for all your sites that use the email address, adding two-factor authentication if possible.
5. Spot unwanted payment transactions
Finally, check your credit card, bank, or payment service statements on a regular basis to make sure you recognize all charges. Pay attention to your statement and check strange transactions early enough to prevent serious damage. If something looks strange, make sure to contact the financial institution immediately to find out where the charge came from. Setting up spending alerts will let you know immediately when a purchase is made so you can stay vigilant.
A check we trust!
If you follow the tips above to protect yourself while shopping online, and enhance the checking process whenever you can via Trend Micro Check, you’ll go a long way toward keeping your transactions, identity, and money secure during this holiday season. In fact, you should use Trend Micro Check widely—to verify if a link is safe, a claim or article is true or false, a news source is credible, a product offer is valid or a scam, or if your identity data has been compromised.