Black Friday, the US$5 billion mega sales event infamous for its crowd-crushing stampedes and squabbles, lands today. And scammers are ready.
The post-Thanksgiving sales day has remained the busiest on the American calendar since 2003 when it overtook the weekends leading to Christmas.
While a chiefly American affair, Black Friday and its sister Cyber Monday have seeped into the Australian retail sector with many major retail outlets lining up cut-rate deals.
The sales bonanza makes it as much a magnet for scammers as the consumers they target.
- Beware new social media stores, notably those on Facebook.
- Double-check your URLs for misspelling (typosquatting).
- Do not trust unexpected links from any source.
- Verify unexpected offers using a search engine.
- Visit stores using your trusted bookmarks, search history, or search engines.
Fake discount offers and dodgy pop-up web stores are the threats consumers are most likely to encounter, experts say.
Veterans in the anti- phishing and scam sectors in Australia tell us scam stores spun up by criminals on Facebook are the biggest of these threats to shoppers.
These stores, which Facebook actively combats, are often created and advertised on the social network as a place to buy brand name goods like clothing and jewelry.
Operators close the stores after orders have been placed and paid, running off with the proceeds and leaving consumers empty-handed.
Threats arrive in inboxes too. Fake discount vouchers and false offers of cut-rate goods are the most common here around Black Friday, also appearing as SMS, spurious websites and online advertisements, and in various instant messaging apps.
Phishing emails and messages, however, are unlikely to increase over this fourth quarter, contrary to long-standing suggestions by many cyber security companies.
Analysis of quarterly reports dating to 2013 from the independent Anti Phishing Working Group reveal no consistent increases in the number of phishing domains, emails, or targeted brands over the November-December period.
Any increase over quarter three of a given year is offset or exceeded by falls in ensuing fourth quarter. There is no consistent bump in the number of phishing sites or emails seen by the Group or reported to it by organisations and members of the public.
Veteran security experts in the space also agree phishing does not increase in the lead up to the festive break.
While an informed mind can avoid many sales scams, much of the fraud set to occur in the coming weeks will stem from attacks which shoppers can do little to prevent.
Online stores compromised by hackers lead to some of the biggest losses of credit cards. Criminals silently break into these stores and siphon and store card details as they are processed through checkouts.
Many cards are then sold in batches on illegal marketplaces and forums.
These attacks are often due to stores’ outdated content systems and payment checkouts, or to a myriad of common security flaws the fixes of which have been known for decades.
Shoppers may able to claim reimbursement for fraudulent purchases if they use a credit card or service such as PayPal.