Black Friday scams are the perfect opportunity for cyber criminals. With shoppers more likely to shop online for event deals, scams on this day have trebled since 2020. Not only are people often too eager to grab their bargain to consider cyber safety but many consumers are new to online shopping and aren’t aware of cyber security best practices.
Black Friday scams to look out for
Black Friday scams can be devastating for both the consumer and the business. It’s important everyone knows what to look out for.
Replica sites
Spoof sites are a very clever way for cyber criminals to make easy money. A replica site is made with a slightly different URL than the legitimate site. The scammer then advertises some amazing Black Friday deals and consumers rush to send them their credit card details and personal information including full name, address, and even date of birth.
Hundreds of replica Amazon sites were reported during Prime Day 2020.
There are a couple of precautions consumers can take to protect themselves from Black Friday scams like these. Firstly, always check the URL you are visiting with care – check for discreet typos and make sure the domain is what you would expect – ‘.co.uk’. Before a major sale event, it’s also a good idea to bookmark the websites you’re most likely to shop on. Secondly, if you see an unmissable deal in your emails, visit the retailer’s website directly instead of clicking links in the email.
As a retailer or service provider, it’s always a good idea to secure all variations of your domain. By owning the ‘.co.uk’, ‘.com’ and even ‘.org’ versions of your domain, you’re making it increasingly difficult for your site to be successfully cloned. In addition, keep a close eye on your social media channels during peak promotional activity. If your customers suspect anything untoward on your website, they’re likely to comment on your page or send a direct message.
Phishing emails
Black Friday is a prime time for phishing emails, with countless opportunities for cyber criminals to scam consumers. It could be as simple as a malicious link to a great offer. It could be an email impersonating a retailer alerting you to a failed transaction. It could be a courier wanting to arrange delivery. Phishing emails are designed to trigger an emotional response from the recipient so always take your time. Check the sender’s details, look for typing errors, and most importantly, don’t click any links if you have any suspicions at all.
Learn more about what a phishing attack looks like and how to avoid them.
As a business, we recommend you remind your users of the safe-guarding rules around personal internet use in the workplace. If a user falls victim to a phishing attack through their personal emails on a business device or is drawn to a ‘mega sale’ pop-up, it could be your business data the scammer captures. Ideally, your firewall will be configured to protect your business from this possibility. If you’re unsure, get in touch with your IT provider.
Smartphone scams
Cyber criminals understand that smartphones are a huge part of life and are turning to messaging apps to target victims. The best way to avoid this Black Friday scam is vigilance. If it looks suspicious, the chances are it is.
In 2018, hackers used WhatsApp to expose victims to malware through a link to a 99% discount code with various retailers.
Sadly, if your business is involved in a scam like this, it could damage your reputation significantly. That’s why it’s important to stay vigilant yourself. Keep a look out on social media channels and forums for consumers talking about your business in relation to discounts. If you are alerted to scam messages involving your business, notify consumers by email and social media as soon as possible. You will also need to file a report with Action Fraud.
5 ways to protect your smartphone from a cyber attack.
Jupiter IT – we’re passionate about cyber security.
As cyber crime grows increasingly sophisticated, we know that pristine cyber security has never been more important for businesses. That’s why we provide free, content-rich, cyber security staff training for all our clients.
To find out more, drop us a line – we’re waiting to share our expertise with you.
