5 Tips to Avoid Black Friday Online Scams
Black Friday marks the start of the holiday shopping season. With Black Friday, comes increased website traffic, big discounts, and more opportunities for online scams. Retailers with carefully planned holiday marketing campaigns and online deals flood shoppers with emails, social media posts, and messaging about promotions to entice them into buying.
A DomainTools survey  of U.S. consumers highlighted online consumer shopping habits. Of the 1,000 consumers surveyed, 70% said they plan on shopping Cyber Monday deals. If you are not aware of what Cyber Monday is, it is the first Monday after Thanksgiving and is one of the largest online shopping days of the year. Before Cyber Monday is the infamous Black Friday. This, of course, is the day after Thanksgiving when consumers hit brick-and-mortar locations for bargains. The online holiday shopping is not just restricted to Cyber Monday, as many retailers have their same Black Friday deals online making them available all weekend.
What Happens in an Online Scam?
Problems arise due to carelessness with your own online safety and vetting e-commerce websites. People report that they have lost money in transactions, had their financial logins stolen, purchased fake products, downloaded computer viruses, or full-out had their identity stolen.
Cyber Security and Black Friday Online Shopping
Sixty percent of those surveyed said they would not shop a website if it had been breached in the past. However, the survey also found that the majority of shoppers (62%) are still willing to shop online from a brand that has had a past data breach if there is a good enough Cyber Monday deal. So, online shoppers are willing to look past transgressions if the savings is good enough.
- Make Sure You Are on the Correct Website
Cyber Monday historically results in a 152% increase in web traffic. According to the same survey, the three most popular websites to shop for the last six months were Amazon.com, Walmart.com, and Target.com. Hackers take advantage of this information by setting up phishing emails and fake websites. Spoofing a website is a type of cyber security scam where the hacker creates a fake version of a website. The URL of the site is usually a very closely named domain name. The content of the web pages may be identical to the legitimate version.
The goal of a spoofing website is to generally to make money for the hackers. Spoofed websites are used to scam credit numbers or financial account usernames or passwords. Spoofing websites may also attempt to gather personal information used to launch social engineering attacks.
- Beware of Phishing Scams
Almost all survey respondents (90%) said they knew about phishing scams. However, 54% said they felt they could still be fooled by a phishing email. Sixty-three percent are more likely to cross-reference email sending domain names with the rightful retailers’ website URL.
Check over all emails you receive and take a good look at the links to make sure they match the website you think you’re buying from. Also, take a hard look at the sender’s email address – not just the friendly name – look at the email account name. That’s one of the biggest and easiest to spot tip-offs to a phishing email. If you have not read these posts about identifying phishing scams, then brush up before the online shopping season begins.
If you verify that the sending email account is legitimate and the links appear to be correct, then you may be safe. The reality is that most retailers send shortened links so they can track marketing emails and website activity. Although this is a legitimate function of an ecommerce marketing campaign, it blinds the consumer from seeing the URL that they are selecting before they click. There is no way to see of the webpage you are about to land on, legitimate or not, if there is a link shortening service used.
- Beware of Social Media Scams
Social media is a helpful resource for product reviews and ratings on products. It can also be a total wild west for hawking fake goods and scams. Like phishing emails, readers should read and shop with caution. Take time to look over a social media account before following a user or taking any advice. There is no real way to know if a person chatting up the pluses of a product or service is legitimate or not. Certain social media accounts are identity verified but the overwhelming majority are not. Anyone can set up an account and start selling. Be sure the ultimate online site where you exchange money is legitimate too. That’s the most important part
- Avoid Previously Breeched Retailers
Breached retailers want the news of their cyber woes to disappear from the media. In addition, it’s not best practices to announce their new, if any, security measures. Stay up-to-date on online scams. It seems like there is a major data breach just about every month lately. No online business, no matter how large of an entity, is completely safe from hackers but some websites are more secure than others.
Shoppers are impatient and in a hurry. Requiring strong passwords and two-factor authentication protect online shoppers but inconveniences the buyer. Many websites are lax with security as safety measures can make shopping experiences unpleasant for the consumer. The more steps a website checkout requires from a shopper, the less likely the shopper is to complete the buying process. It’s a very simple, and long-standing statistic.
- Be Mindful of Security Details
Website shopping checkouts must be secured. Look for the URL to begin with HTTPS on all pages of your website. Spoofed websites rarely have HTTPS going for them, but they could. Verify that you are on the correct website URL, that the website is running HTTPS on all points where financial or account login information is exchanged.
Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers