Unmissable deals, a limited time period, and billions of pounds being spent online – it’s music to cybercriminals’ ears. This time of year offers scammers the perfect opportunity to trick users into thinking they’ve found a great deal and must act quickly, only to find themselves the victim of a Black Friday scam.
The consequences of Black Friday scams can be devastating for both businesses and consumers – here are our top tips for avoiding them.
Double check the web address
Scammers will often create very similar domain names to those they are impersonating, so double check that you’re on the correct website. They may have added in hyphens or duplicated a letter, which isn’t always easy to spot. Check for the little padlock symbol next to the web address – this indicates whether or not the site is secure.
Be cautious of clicking links in emails
Emails about the latest offers and big discounts can be enticing, but think twice before you click. Scammers can make it look like their emails are from a well-known brand, but on checking the actual email address you may find that it’s a ruse. Other things to look out for include spelling and grammar mistakes, a sense of urgency persuading you to act immediately, and discounts that are much bigger than usual.
Don’t buy from shops you haven’t heard of
The combination of Black Friday discounts and this year’s unprecedented demand for eCommerce means that popular items will likely go out of stock quickly. However, this doesn’t mean you should go searching elsewhere and buying from websites you haven’t heard of before! Buying from big name brands, or supporting local businesses that you know of, gives peace of mind that your money is going to a legitimate shop.
What is Black Friday?
Black Friday originated in the US and has become increasingly popular within the UK in recent years. Occurring annually, the Friday after Thanksgiving, it’s a huge event which sees thousands of stores slash their prices for the weekend, so shoppers can take advantage of great deals in the run-up to Christmas. Black Friday has even extended into ‘Cyber Monday’ and further into ‘Cyber Week’ where deals can continue to be found online.
Black Friday scams will be even more common this year
With England being in lockdown until the beginning of December, visiting brick-and-mortar stores won’t be an option. Black Friday shopping will be done online, even for those who aren’t internet-savvy and are unaware of cyber security best practices. Online shopping has increased significantly in recent years, but spending is expected to see a huge surge this year.
What kind of Black Friday scams are out there?
During Amazon Prime Day last month, hundreds of sites were found to be replicating the Amazon site in order to trick users into divulging personal and financial information. Emails impersonating Amazon would be sent out, claiming to be about order cancellations or returns. This would lead users to a site that impersonated an Amazon customer service website, asking users to fill out a form with their personal and financial details.
Watch out for emails that suggest there’s something wrong with your account, or claim to share offers that seem too good to be true. Scammers aim to take advantage of your concern – or your eagerness to get a great discount – and lure you into sharing sensitive information.
Messaging apps and social networks
Increasingly, cybercriminals have been using social media and messaging platforms in order to come across as trustworthy to unsuspecting users. In 2018, WhatsApp was used by hackers to trick users into believing they had been awarded 99% discount at various retailers. The link exposed victims to malware and other cyberattacks.
Top tips for consumers:
- Shop with a credit card instead of a debit card – they offer increased payment security
- Use your own Wi-Fi network rather than a public connection that is easier to hack
- If you’re unsure about a link sent to you by email or message, go directly to the website
Top tips for retailers:
- Make sure your payment methods are secure and PCI compliant
- Actively look out for any potential scams impersonating your brand
- Implement cyber security measures to protect your website from attackers