Consumer | Cyber Security |

How to stay safe shopping online this festive season

By Jen Stockwell December 17, 2020

This year, we’ve been stuck inside – and on our phones and computers – more than ever. More than a million Aussie households shopped online between March and September this year for the first time ever. If that’s you, we have some advice to help keep you safe.

Australia Post predicts this trend is here to stay too, and it’s easy to see why. Shopping online lets you browse and choose what you need from the comfort of your lounge, and in the past few years Black Friday and Cyber Monday have become record-breaking online shopping events in Australia.

There’s another side to this, though: scams. According to Scamwatch, Australians have lost over $7 million to online shopping scams so far this year – up by up 42 percent this year. Scamwatch also says that scammers are typically out in force over Christmas, as families rush to get through their festive season shopping and bargain hunters trawl through all the digital Boxing Day sales.

Last year it was shoes, smartphones and tickets to concerts and events that were most likely to be listed online by scammers looking to make an illegitimate buck. This year, concert tickets aren’t likely to be as popular, but you should be more cautious than ever about making sure your online purchases are legitimate. As is usual on the internet, a little bit of caution can save you a lot of heartache.

One of the most popular methods of scamming you out of your hard-earned dollars while you’re online shopping is for a scammer to set up fake online stores. Scammers often set up fake websites that look convincingly real, or use social media platforms to host storefronts that may look like a genuine retailer’s. Often they have popular items at prices that may seem too good to be true. The big difference is that when you pay, you won’t see anything arrive in the post like you were expecting.

Another popular scam to watch out for is on classifieds websites, where scammers create fake seller profiles and list popular items at attractive prices. If you’re shopping for items on a classifieds site, a seller might suggest they’re travelling and a friend or agent will complete the sale for you once you’ve paid. There’s a reason that ‘buyer beware’ is a popular saying…

Here are some common-sense tips to help you stay a bit safer while shopping online:

  • If you’re shopping at an online store with its own website, do some research before you click ‘buy’: to check if it’s reputable. Look for independent reviews of the retailer. Are there clear contact details? Make sure you have trust in who you’re buying from, and where possible try to stick to reputable platforms (like eBay and Amazon) that will guarantee your purchase.
  • Shop with a credit card or VISA debit card from a reputable bank, or use a payment processor like PayPal, and check your statements regularly for any fraudulent or unexpected payments outside of your shopping. Always shop with a payment method that allows for disputes to be raised if necessary. And keep track of your purchases!
  • Be alert to phishing attacks: scammers are highly active this time of year. Treat every email or message with caution, especially if it’s asking you to do something or if the offer sounds too good to be true.

And if you’re browsing the classifieds for a second-hand bargain:

  • If possible, picking up the item that you’re buying in person is always preferable. It means you can inspect what you’re buying to ensure it is real and in the condition you expect, and you can agree with the seller to pay in cash or with an instant transfer. You want to avoid paying for the item before you have access to it.
  • When you’re communicating with a potential seller, ask for some proof that they have the item you’re looking to buy – like a new photo of the item. One of our favourites is taking a photo of the item on a recent newspaper with the day’s date. Digital timestamps on photos are also useful for this, especially if there’s no newspaper handy.
  • Carefully consider how much personal information you share when you shop online. Only complete the bare minimum mandatory fields needed to complete your order as any information you enter during sign up could be exposed if that website gets hacked.
  • And, of course, there’s one other piece of advice we’ll never shut up about: always use a strong and unique password, and turn on multi-factor authentication wherever you can. That way, if someone manages to guess your password, they won’t be able to get into your account.

Happy shopping!

Consumer | Cyber Security |

Beat scammers, score deals, this Black Friday

By Darren Pauli November 23, 2018

Black Friday, the US$5 billion mega sales event infamous for its crowd-crushing stampedes and squabbles, lands today. And scammers are ready.

The post-Thanksgiving sales day has remained the busiest on the American calendar since 2003 when it overtook the weekends leading to Christmas.

While a chiefly American affair, Black Friday and its sister Cyber Monday have seeped into the Australian retail sector with many major retail outlets lining up cut-rate deals.

The sales bonanza makes it as much a magnet for scammers as the consumers they target.

Fake discount offers and dodgy pop-up web stores are the threats consumers are most likely to encounter, experts say.

Veterans in the anti- phishing and scam sectors in Australia tell us scam stores spun up by criminals on Facebook are the biggest of these threats to shoppers.

These stores, which Facebook actively combats, are often created and advertised on the social network as a place to buy brand name goods like clothing and jewelry.

Operators close the stores after orders have been placed and paid, running off with the proceeds and leaving consumers empty-handed.

Threats arrive in inboxes too. Fake discount vouchers and false offers of cut-rate goods are the most common here around Black Friday, also appearing as SMS, spurious websites and online advertisements, and in various instant messaging apps.

Phishing emails and messages, however, are unlikely to increase over this fourth quarter, contrary to long-standing suggestions by many cyber security companies.

Analysis of quarterly reports dating to 2013 from the independent Anti Phishing Working Group reveal no consistent increases in the number of phishing domains, emails, or targeted brands over the November-December period.

Any increase over quarter three of a given year is offset or exceeded by falls in ensuing fourth quarter. There is no consistent bump in the number of phishing sites or emails seen by the Group or reported to it by organisations and members of the public.

Veteran security experts in the space also agree phishing does not increase in the lead up to the festive break.

While an informed mind can avoid many sales scams, much of the fraud set to occur in the coming weeks will stem from attacks which shoppers can do little to prevent.

Online stores compromised by hackers lead to some of the biggest losses of credit cards. Criminals silently break into these stores and siphon and store card details as they are processed through checkouts.

Many cards are then sold in batches on illegal marketplaces and forums.

These attacks are often due to stores’ outdated content systems and payment checkouts, or to a myriad of common security flaws the fixes of which have been known for decades.

Shoppers may able to claim reimbursement for fraudulent purchases if they use a credit card or service such as PayPal.