Black Friday, the busiest day of consumer spending in the US, and the symbolic beginning of the Winter holiday shopping season, is also a scammer's paradise. When customers are throwing money at you faster than you can say “Buy one get one free”, the urge to scam and cheat your way to riches is hard to resist for many. While Black Friday has come and gone, Cyber Monday is today, and the deals are as hot as ever. At Neowin, we practice safe Internet shopping, and we hope our readers will too. We’ve compiled a list of potential scams and schemes to look out for, and some basic guidelines to guide you through your annual gift-shopping adventures.
It’s an old trick, but somehow it continues to pay off. Scammers will send you an email or direct you to a website that looks a whole lot like a trusted bank or storefront, and will ask you to enter credentials. When scammers get a hold of your credit card information, identity fraud, account liquidation, and social network hijacking will likely follow shortly. Phishers use popular search terms to target users searching for popular storefronts and financial institutions during big shopping seasons. ‘Black Friday’ and ‘Cyber Monday’ are search terms likely to turn up all kinds of malicious content this year, so look out for it.
There are many ways to combat phishing, and a lot of it has already been done for you. Most browsers come with anti-phishing software that identifies the real domain of whatever website you’re visiting and displays it prominently in the address bar. Also, many search engines will warn you when you are about to click on a link that has been previously associated with malicious behavior. Finally, most respectable webpages that expect you to enter personal data are encrypted under the SSL protocol. You’ll know that you information is encrypted when you see the URL of a page that begins with https:// instead of http://. In order to obtain a license to operate an SSL encryption key, a website needs to purchase the service from a company like Verisign, which ensures that the website accepting your info is protected and reliable.
A relatively new opponent in the War on Scamming, Smishing is the cellular version of phishing. Since text messages are considered by most people to come from a reliable source, many will follow the instructions within without thinking twice. Whether it’s a URL or a phone number, many will click or call and ask questions later. The effects and consequences are similar to that of phishing, and the same basic rule applies: Only trust what you know, and never click on something of unknown origins.
While not so common yet, this practice is slowly gaining headway as a hard to catch way to steal debit/credit card information. The culprit sticks a magnetic reader to a gas pump card swipe or a restaurant card reader, and simply reads the numbers as they get scanned. However, this only gives the criminal the number on the card, not the personal PIN number. ATMs, a transaction system that always requires PIN authentication, are becoming popular targets for skimmers, and it is therefore wise to use ATMs at monitored locations, such as banks, where it is much harder to attach a skimmer. When using a debit card anywhere else, make sure to process it as a credit transaction, so you don’t need to use your PIN. Not only is this safer, but it also decreases your liability when fraud does occur.
This is a crime that applies primarily to gift cards, a prime product in the annual gifting extravaganza. In many stores, gift cards come prefilled. All you need to do is access the information on the card before you leave the store, and it’s yours to spend. As criminals become better and better at this, try to buy cards that are filled at the register after they are purchased. It’s less likely that someone already has the card information of an empty card.
A malady that proliferates as Internet shopping becomes ever more ubiquitous, the knockoff industry would like to sell you an iPad this holiday season. They’ve got a deal for you, too. For $150, you can own an iPad straight off the Chinese presses. Unfortunately, it runs Android 1.7, isn’t an Apple product at all, and has no customer support line to call when you realize your grave error. These knockoffs look eerily similar to the product they’re ripping off in ads, and many impulse online shoppers are easily fooled and blinded by the seemingly too good to be true price tag. There’s another basic rule of Internet shopping; if it’s too good to be true, it’s likely a lie.
Knock-offs are usually sold on auction sites like eBay, and can be easily avoided by anybody who has an inkling of English grammar skills. The ads aren’t written very well, and typically don’t look very professional. A few seconds of research and thought could save you lots of money and a big headache down the line.
What do I do?
Before you swear off spending money on your loved ones this year, keep in mind these basic tips and your shopping trips will more than likely end as well as they started (minus the large dent in your wallet).
- While surfing the Internet, only browse links and websites you know and trust.
- If you’re ever asked for personal or financial information, make sure you see a "https://" in your address bar. This means that your information will be sent encrypted.
- Try not to use your account PIN when using your credit/debit cards in a card reader.
- Check your account balances religiously. Another tactic scammers use if they do have your account information is to “test the waters” by charging micro-transactions (usually no more than a few cents) to see if the customer reacts. If nothing happens, they ramp up the charges until you’re hemorrhaging money in installments of hundreds and thousands.
I’ve followed Neowin’s advice, but I’ve still been victimized? What Now?
If for any reason you suspect that your financial information has been comprised, immediately call your bank(s) and inform them of the situation. The sooner you let them know what’s going on, the less liable you will be for fraudulent charges. If a credit card is in question, call up the various national and international credit bureaus that track your credit ratings and inform them as well. This will ensure that the fallout will not affect your credit ratings too much. Most banks are pretty good about refunding fraudulent transactions and reissuing cards. It’s all a matter of keeping vigilant and staying on top of your own financial goings on.
The holiday shopping season is rife with deals, bargains, and huge crowds of joyously angry shopping mobs. Don’t let the scammers of the world get you down, and set your wallet free!