The holiday season is upon us, which means more online shopping, but unfortunately, that also means more online scams. With more and more people looking for Black Friday and Cyber Monday deals online, it’s essential to know how to stay safe from scams.
Experts warn that most holiday shopping scams can occur right in your email inbox or on authentic-looking sites, especially during the deal-crazy Black Friday weekend.
“We expect to see a rise in phishing and malware attacks as hackers use them for the holiday season and holiday topics,” Adrien Gendre, chief solution architect at the leading email security provider, Vade Secure, told Digital Trends.
Don’t get phished: Avoiding Black Friday email scams
Gendre said that there are a few things to look out if you’re worried about being scammed through email. The first is to be careful of what kind of offer you see in a message since hackers like to create a sense of urgency in scam emails, especially around holiday shopping deals.
The second important thing to look out for is who the sender of the email is. Gendre said that the email subject and content could prove to be legitimate with logos and the right lingo, but only by looking at the sender will you know if the email in question is real or not.
It’s important to note that hackers nowadays use actual logos and verbiage from real companies to trick people into thinking an email is legitimate. Vade Secure made a list of “Phisher’s Favorites,” or brands that attackers frequently use to lure victims. The No. 1 brand is Microsoft, followed by PayPal, Netflix, Bank of America, and Credit Agricole.
For these brands and others, Gendre said that when in doubt, go to the site directly instead of through the email.
“Always go to the brand’s site directly if you see any type of email about an account suspension or account problem,” he said.
Gendre said that hackers are adapting to the trends, too. He noted that many retailers will email you a receipt if you have purchased something and that hackers are using that to their advantage by sending over fake receipt emails.
And all of these emails aren’t just located in your spam inbox — they are sitting in plain sight in your regular inbox as well.
“Hackers are getting more and more sophisticated about getting something into the direct inbox rather than the spam inbox,” Gendre said.
For the upcoming Black Friday holiday shopping weekend, Gendre’s advice is to slow down and be practical when reading your emails. It can be easy to get caught up in deal emails and act quickly to make sure you get the deal, but it’s important to look for all the telltale signs of a spam email before you click anything.
How to tell if a Black Friday website is legit
Aside from emails, you could also be duped this Black Friday by fake sites promoting shopping discounts and deals. According to researchers from the security firm Check Point, phishers are luring shoppers by using fake websites that look almost identical to real ones.
According to a new study published on Tuesday by Check Point, this year’s amount of fake websites has more than doubled.
“With only half of November over and even before the peak of Black Friday and Cyber Monday, use of e-commerce phishing URLs has more than doubled since last November’s peak — in fact, it’s up by 233%,” the study said.
It’s essential to pay attention to the website URL to find out if it is real or not. Check Point said that a website posing as amazon.com could have a URL like amaz0n-jp[.]com — with a zero instead of an O — so someone looking for a quick deal might not notice the fake URL.
Check Point said another leading indicator for a fake website is to look out for is spelling errors on a website.
And the No. 1 thing to look out for this upcoming holiday shopping weekend is to use common sense: If a deal is too good to be true — like 80% off of an iPhone 11 Pro — then it probably is.