Email security company Tessian is warning people to be alert for Black Friday phishing scams this year. (Understand that referring to “Black Friday shopping” also includes the days that surround it, including Cyber Monday.) Their researchers found that 30% of people in the US reported receiving a phishing message around this time in 2020, either by email or SMS to their cell. And 62% of U.S. consumers told them they plan to take part in Black Friday shopping this year. In 2020, 186.4 million U.S. consumers shopped during the four days after Thanksgiving, according to statistics from the National Retail Federation. This is why it’s important to be on the lookout for Black Friday phishing scams.
Shop ‘til you drop…with a 2021 twist
The hot deals that occur from Black Friday to Cyber Monday (and now even earlier, thanks to the infamous “Christmas Creep”) draw millions of shoppers to the internet. But this increased consumer activity also attracts scammers looking to cash in. And there’s a new wrinkle this year, with the ongoing supply chain problems across the globe. Criminals might be looking to take advantage of shoppers desperate to get ahold of hard-to-find items. Messages or ads promising you something you can’t find easily AND at a bargain-basement price might cause you to overlook some glaring warning signs. (In fact, that promise and the low price IS a warning sign!)
Common Black Friday Phishing Scams
Here are 5 popular scams that spring up this time of year, and how to stay clear of them:
The gift that never arrives
You’re searching online when you come across the perfect gift at a good price. You go to the site, put the item in your cart, and click the “buy” button. You don’t get a tracking number, the package never arrives, and the seller disappears. You’ve fallen victim to what the FBI calls a “non-delivery scam.” The solution: Stick to reputable retailers. But if you must shop with a new-to-you merchant, check for a physical address, a customer service phone number, and a professional-looking site. Look for the warning signs of sketchy sites including poor spelling, odd design, and slow loading. Only buy from secure sites with SSL encryption, with URLs starting with https: (rather than just http:) and a lock icon.
Seller requires payment via gift card
This may happen on auction sites and should immediately raise big red flags. According to the U.S. Federal Trade Commission, gift cards are a popular way for scammers to steal money from you. Only pay for online purchases with a credit card, as your liability for fraud is capped at $50. And if you ARE using a gift card, use it only at the retailer it was issued for (Target, Macy’s, etc.), or if an AMEX, Visa or Mastercard, only at trusted retailers.
Message about an item you never ordered
Another popular Black Friday phishing scam comes in the form of an email telling you there’s an issue with an item you ordered. But you don’t recognize the item mentioned, and you know you never ordered it. You worry because the charge is significant, so you immediately respond by clicking on a link they’ve provided. Odds are the message is a phishing email meant to trick you into providing your bank login or other private information. Your safest course of action is to simply delete the message without responding in any way. But if you are concerned that someone is ordering things under your name without your permission, go directly to the retailer’s website using your browser, and check your purchase history for yourself. Or contact customer service using the phone number provided on their website. Most likely, you will find that everything is as it should be.
Fake shopping websites
You think you are on the website of your favorite department retailer to score a deal, but in fact, you are on a cloned website set up by a scam artist. You make a purchase (or so you think!) and the scammer steals your credit card information. There is a chance you ended up there simply by making a typo in a Google search. Criminals are getting savvier by the day, and in 2021, there are spoofed websites with addresses based on common misspellings and typos. The way to avoid a cloned site is to make sure you’re going to the real online site where you want to shop. The best way: Bookmark the legitimate versions of your favorite shopping sites in advance to avoid rushed mistakes. And never visit a retailer by clicking a link in a “deal” email or text, or on social media.
Fake delivery notifications
These notifications may look like they’re coming from the USPS, FedEx or UPS, but they’re not. A scammer’s odds of getting a successful response are vastly improved from Black Friday through Cyber Monday due to the huge increase in online shopping. They may mention a problem with delivery and provide a link you can click to “fix the problem.” You may be asked to enter personal information or a credit card number. Without giving you any specific details as to what the item is, or where it is coming from, it’s tempting to reply to them. But be aware that this is becoming a common scam. Track your purchases and shipments on your own, using the delivery company’s website.
Keep away those holiday blues!
I think it goes without saying that a sure way to ruin your holidays is by falling victim to a Black Friday phishing scam. A couple of weeks ago I wrote a more general post about the uptick in cybercrime over the holidays every year, and the factors that play into it. I also included several tips to keep yourself and your friends/family/colleagues safe, which I suggest you take a look at. (And share, along with this post. Particularly with those folks you know who are not as internet savvy as perhaps you are.)
Now go find yourself a great deal…safely!