Due to the COVID-19 pandemic and government restrictions, 2020 saw a record number of online shoppers. At the same time, cyberthreats to lure the online buyers were on the rise and got evermore sophisticated.According to ENISA Threat Landscape 2020, "from copycats of popular brands websites to fraudulent services that never deliver the merchandise, the number of fake online shopping websites and fraudulent online merchants has increased during the COVID-19 pandemic." Buyers looking for a good deal are often overwhelmed with different offers and may find it difficult to recognize fraud. As a result, they can lose money and get frustrated by the online shopping experience. To help you shop online safely, we have put together these 5 tips:
1. Check email sender before you click anything
Phishing emails usually impersonate a reputable source tricking potential victims to believe that they know and trust the sender of these emails. However, these emails are aimed to steal your login credentials, credit card information, money, or to take control over your device. According to Interpol research, phishing was the most widespread cyber attack in 2020.Shopping season is especially lucrative for scammers. As reported by Checkpoint, there was only one phishing email in 11,000 in October 2020, while in November due to Black Friday and Cyber Monday sales there was one phishing email in 826. Without a doubt, it is a significant increase and a reason why it's necessary to be extra careful during season sales. Here are some helpful tips to recognize phishing emails:
- Check sender's email address if it looks legitimate. Pay attention to misspelling as it’s common.
- Hoover over the link in the email to see preview of where the hyperlink is pointing. Be careful as images are often hyperlinked as well!
- Be vigilant if an email demands to confirm your personal or payment information - this is not a good practice of any serious eshop. You should go directly to the online store and check your order.
- Be even more careful when an email offers you free stuff or prices that are too good to be true.
2. Shop online where you can trust
To gain a profit or steal data, scammers can set up a fake retailer website that may look just like a real online store. They can impersonate the branding of famous e-shops using their logos, colors, and style. Usually, these online stores offer expensive branded goods at very cheap prices. Potential victims may either receive a fake copycat version of the ordered items or in most cases - receive nothing at all. Additionally, these websites request payment in advance for your order, thus it's unlikely that you can get your money back. Try to pay using a credit card whenever you can, because in those cases your bank might be able to trace back the payment and refund you. Helpful tips to avoid fraud:
- Go to review sharing platforms or forums like sitejabber.com, reddit.com or local platform, which you know and can trust. Alternatively google “URL of e-shop” and “experience” and see what results you get.
- Check social media profiles of this eshop and see iif they have been active. Check comments on their posts too.
- Check contact info and “About company” to see if they have an existing/real physical address
- Pay attention if a website uses https or http. Https creates a secure connection between web browser and server, which adds an additional layer of security when share your personal and credit card information. Avoid websites that don’t have https certificate as these will be most likely illegitimate.
3. Don't use public Wi-Fi to shop online
You can save your mobile data, but using free public Wi-Fi may cause you much more damage. In most public places, you can get a free Wi-Fi nowadays, but beware that free always comes with a catch. Cybercriminals often exploit these Wi-Fi hotspots to steal your data or to engineer an access to your device. If you have no other choice and have to use a public WiFi, it’'s always better to use a VPN service that helps you connect through a remote server and hides some of your online activity. Otherwise use your mobile data, or use one of your devices to create a hotspot when possible.Tips when using public WiFi:
- Don’t login to your online banking or pay anything while on a public WiFi.
- Don’t forget to keep your devices updated. As much it could be annoying, a device with outdated software is like your house with front door wide-open, allowing cybercriminals to get access freely and effortlessly.
4. Be careful with ads displayed by social media platforms
Even social media websites and mobile apps aren’t immune from frauds. Staying at home has incited people to use social media channels more actively. Recent statistics have shown that losses due to social media scams have doubled compared to 2019. According to the US Federal Trade Commission, 94% of reported scams mentioned Facebook or Instagram.It isn't so easy to identify fake or fraudulent ads that appear on social media platforms as they are often very sophisticated. According to which.co.uk 42% of interviewed people were not able to distinguish whether the adveritsement they were seeing was real or fake. Using advanced settings, scammers can create targeted and tailor-made ads based on your likes, interests, age, and so on. Moreover, if you click on scam ads there is a higher risk that more similar ads would be displayed on your newsfeed. We sincerely hope major social media platforms will get better at protecting their users, but in the meantime, here are a few tips to stay protected when on social media:Helpful tips to avoid frauds on social media:
- Be careful with discount ads, posts, and different quizzes and competitions - especially if they ask you to submit your personal or credit card information.
- Check the profile first and find out when was it created and what the activity on their wall looks like. Check for comments and reviews too.
- Search for additional reviews online. If you are still not 100% sure, it's better to order somewhere you know and can trust. In the end, it may save you more than money.
5. To be even more secure use virtual credit card or temporary card
More and more banks now offer their clients an option to get a virtual or a temporary card designed for online payments. These cards don't exist physically and can be closed easily online. Additionally, you can set a specific amount for online payments, so you can't be overcharged, and specify a particular expiration date or use this virtual card just for a single payment.Compared to traditional physical cards, with virtual cards, you don't need to wait until your bank will deliver a card to you. You also don’t have to worry if the card details were exposed/stolen as you get it directly and it is not connected with your main bank account. Thus you can be more secure and confident during online shopping.
Always Stay Vigilant
Spending additional five or ten minutes on research may protect you from possible loss of money or frustration. But if the worst happens and your credentials were compromised or/and credit card information was stolen, change your passwords immediately and contact your bank.Sometimes one password can give attackers access to your email or social media and in result give them access to all your accounts and digital identiy. So it's better to have different passwords on each platform where you use your email or social media accounts to log in. If you were scammed by fraud ads, we recommend reporting it to a specific website where it happened. Here you can find useful links to learn more on how to report fraud on different social media platforms: Facebook, Google ads, Instagram, and Twitter.Note: Whalebone customers and end-users on our customers’ networks are automatically protected against all cyberthreats with zero disruption to their user experience.
