.jpg)
It's that time of year again when millions of shoppers are online looking for Black Friday deals. But as the number of online shoppers increases, so too does cyber crime. Last year, British lost over £10 million to scams during last year's festive deals period, an average of £695 per victim.
In 2023, the number of people shopping online for Black Friday deals increased by 4 million.
This year, with the stronger presence of AI, shoppers and retailers should prepare for more sophisticated scams and data breach attempts than in previous years.
So how can you spot a scam as a shopper and how can you prevent them as a business?
Replica sites
As a shopper
Spoof sites are a very clever way for cyber criminals to make easy money. A replica site is made with a slightly different URL than the legitimate site. The scammer then advertises some amazing Black Friday deals and consumers rush to send them their credit card details and personal information including full name, address, and even date of birth.
Hundreds of replica Amazon sites were reported during Prime Day 2020.
There are a couple of precautions consumers can take to protect themselves from Black Friday scams like these. Firstly, always check the URL you are visiting with care – check for discreet typos and make sure the domain is what you would expect – ‘.co.uk’. Before a major sale event, it’s also a good idea to bookmark the websites you’re most likely to shop on. Secondly, if you see an unmissable deal in your emails, visit the retailer’s website directly instead of clicking links in the email.
As a business
As a retailer or service provider, it’s always a good idea to secure all variations of your domain. Owning the ‘.co.uk’, ‘.com’ and even ‘.org’ versions of your domain makes it increasingly difficult for your site to be successfully cloned. In addition, keep a close eye on your social media channels during peak promotional activity. If your customers suspect anything untoward on your website, they’re likely to comment on your page or send a direct message.
Phishing emails and texts
As a shopper
Black Friday is a prime time for phishing emails and texts with countless opportunities for cyber criminals to scam consumers. It could be as simple as a malicious link to a great offer. It could be an email impersonating a bank or retailer alerting you to a failed transaction.
Proving popular this year is failed delivery notices. This method isn't new and most of us have received one in past years but now including photos of the supposed package and improved courier brand impersonation tactics, more people are falling victim.
Remember, phishing is designed to trigger an emotional response so always take your time. Check the sender’s details, look for typing errors, and most importantly, don’t click any links if you have any suspicions at all.
With one-third of people saying they are expecting delivery of at least 6 parcels in the next month, cyber criminals are increasingly using missed parcel scams to target people.
As a business
As a business, we recommend you remind your users of the safe-guarding rules around personal internet use in the workplace. If a user falls victim to a phishing attack through their personal emails on a business device or is drawn to a ‘mega sale’ pop-up, it could be your business data the scammer captures. Ideally, your firewall will be configured to protect your business from this possibility. If you’re unsure, get in touch with your IT provider.
Fake gift cards
As a shopper
Fake gift cards are fast becoming a favourite scammers. The reason is it's almost impossible to track and for victims to re-claim the money they lose. If you're buying a gift card, avoid doing so online if at all possible. If you have to purchase the gift card online, always make sure you go direct to the company website.
As a business
Sadly, if your business is involved in a scam like this, it could damage your reputation significantly. That’s why it’s important to stay vigilant yourself. Keep a look out on social media channels and forums for consumers talking about your business in relation to discounts. If you are alerted to scam messages involving your business, notify consumers by email and social media as soon as possible. You will also need to file a report with Action Fraud.
Jupiter IT – we’re passionate about cyber security.
As cyber crime grows increasingly sophisticated, we know that pristine cyber security has never been more important for businesses. That’s why we provide free, content-rich, cyber security staff training for all our clients.
To find out more, drop us a line – we’re waiting to share our expertise with you.
