With Black Friday and ‘hopefully’ a White Christmas, this is the busiest online shopping period. It’s also the busiest time for online cyber-criminals. Here’s a few tips to help you stay ‘cyber-safe’ at home over the holidays.
Watch out for fake websites
It’s very easy for cyber-criminals to create a spoofed website that looks like an official retailer and then offer ‘unbelievable’ deals. Once a payment is made you may receive inferior products, and that’s if they arrive at all. Remember to always check the URL of the website and look out for domain names that end in .net or .org.
Pay by credit card
Credit cards provide protection if things go wrong with a purchase. If the goods don’t show up or are faulty, and cost more than £100, Section 75 of the Consumer Rights Act means you can claim the money back. For goods under £100, or payments made by debit card, you can ask your bank to recover the money through “chargeback”. Always be suspicious if a website asks you to make a bank transfer instead of paying by card.
Make sure the site is secure
Check for ‘https’ at the start of the website URL. The ‘s’ stands for secure. Look for a padlock on the left of the browser. If the padlock is on the page itself this is probably a spoofed website.
Beware of phishing emails
Phishing messages are designed to appear from trusted organisations such as your bank or HMRC, or familiar retailers like Apple, Tesco and Argos. They aim to trick you into revealing personal details. The emails usually contain links which when clicked download malicious software or take you through to a spoofed website where your personal details are requested.
Over the Christmas holidays, be very wary of emails from retailers offering deals or cash prizes. Check the email address and don’t click on any links embedded in the message. Even an “unsubscribe” link could be malicious.
Don’t trust WhatsApp messages offering gift cards
WhatsApp users have reported receiving messages offering Topshop and Sainsbury’s gift cards that appear to be sent from a phone contact. The link takes you through to an official looking site which requests personal details.
Clicking on the link would also allow cyber-criminals to collect personal information from your device that could track you. Delete messages like these even if they look like they’ve come from someone you trust and install security software on your device.
‘Freebies’ on Facebook
Free iPads, flights, shopping vouchers, Alton Tower tickets and cheap RayBan sunglasses all fall into the category of “if it looks too good to be true, it probably is”.
Cyber-criminals create attractive looking deals which they post on Facebook asking users to “like” and “share” the advert to boost it to the top of news feeds and target a wider audience. If you click through you will be asked for personal details which can be used for fraudulent purposes. The posts may appear to be from legitimate companies – check if the Facebook account is verified with a blue tick.
Avoid shopping on public Wi-Fi
Internet hotspots offered by coffee shops, libraries and bars may be incredibly convenient but are extremely vulnerable. A cyber-criminal can easily hack into the network and access your user details or set up their own fake hotspot. If you’re shopping or banking online use your own 3G/4G network or wait until you get home.
Don’t fall for the “Click and Receive” scam
Be suspicious of emails that ask you to click on a link and enter your details to rearrange a delivery. It won’t tell you what the item is but over the holiday period thousands of people are likely to have ordered something online and may be tricked into handing over personal information.
In some cases credit card details may be asked for to “verify” the delivery. Be suspicious if the email doesn’t tell you what the ordered goods are and if in doubt, retrace your order trail and make a call to the company you’re expecting a delivery from.
When shopping on eBay stick to the rules
There are various ways that eBay protects users – those who don’t stay within the guidelines will struggle to get their money back if they fall victim to a scam. Always pay by Paypal – most items will be protected by eBay’s Money Back Guarantee. Scammers will try and get you to pay by bank transfer or a service such as Moneygram. Do this and you forfeit your protection.
Also be wary of sellers contacting you directly to offer you a better deal than the listed price. Be careful of those with little or no selling history.
Watch out for fake customer reviews
More than half of UK adults use online review websites such as Amazon, Tripadvisor, Expedia and Checkatrade to find the best bargains.
But among the genuine reviews are millions of fakes. Be suspicious if too many of the reviews seem similar – it suggests they are being copied and pasted or written by the same person. It should raise a red flag if the reviews are all very new. If you are at all suspicious of the website avoid it.
If you think you’ve been a victim of a scam – act fast!
If you’ve been conned call your bank immediately and ask them to try and stop the payment. The sooner you do this the more chance you have of getting your money back. Banks will only refund customers who have been defrauded on their credit card or debit card, or a transaction has been actioned without their authorisation. Call your bank yourself, not a phone number given to you in a possibly scam letter or email.
Banks are not responsible for reimbursing customers who have been deceived into making payments.
If action is taken swiftly and there are funds remaining in the cyber-criminal’s account your bank may be able to claw back it back if it requests an indemnity. If you feel your bank has not done enough to help you make a complaint and take it to the Financial Ombudsman to investigate. You should also report it to Action Fraud.
Websites for more information:
Get Safe Online: https://www.getsafeonline.org/
The UK’s leading awareness resource helping protect people, finances, devices and businesses from fraud, abuse and other issues encountered online.
Action Fraud: https://www.actionfraud.police.uk/
The UK’s national fraud and cyber-crime reporting centre. The easiest way to report fraud and cyber-crime is by using the online reporting tool.
Stay Vigilant and Stay Safe this Christmas Holiday Time!