The holidays can be a busy time for shoppers and hackers alike. Black Friday and its newer cousin, Cyber Monday, are major economic events. Just last year, Americans spent roughly $5 billion in the 24 hours that make up Black Friday. Cyber Monday was even bigger: Americans spent over $6 billion in online purchases. Naturally, numbers like these attract the attention of all kinds of hackers, eager to take advantage of shoppers trying to get an early jump on their Christmas shopping.

We will discuss some of the hackers’ favorite techniques to seize your financial information — and what you can do to protect your online data.

1. Phishing

Phishing is a popular method of defrauding users because it only requires some social engineering knowledge and the ability to make a convincing email. Given that people are already primed to spend money during the holidays, the scammers’ work is already half done.

Phishing attacks can range from emails offering incredible Black Friday sales, to offering free gift cards if you fill out a survey, to fake support emails claiming that you missed a delivery. Generally, these fakes try to impersonate well-known brands to gain your trust. In the past, Amazon, Walmart, and Kohl’s have been used in phishing scams.

2. Spoofed websites

While more technically demanding than crafting a phishing email, creating a convincing clone of an official retailer’s site is still fairly simple. Hackers will create websites that look just like Amazon and tempt you with incredible deals to enter your credit card information.

While the quality of the spoofs varies, from fake sites being littered with grammatical errors to clones that are nearly indistinguishable from the real site, the easiest way to spot a spoof is to check the URL. Check for .com rather than .net or .co, and watch out for similar characters, like “0” instead of “o”.
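The URL check described above, automated as an added example that is not part of the original post. The trusted-domain list, the character-substitution map and the sample links are constructed assumptions, and domains are treated as two labels for simplicity.

```python
from urllib.parse import urlsplit

# Assumption: constructed allowlist of retailers the shopper actually uses.
TRUSTED = {"amazon.com", "walmart.com", "kohls.com"}

# Assumption: small constructed map of digit-for-letter swaps ("0" for "o").
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def registered_domain(url):
    """Return the last two labels of the URL's hostname, lower-cased.

    Simplification: treats every domain as two labels (example.com);
    multi-label suffixes such as .co.uk need the Public Suffix List.
    """
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return ".".join(host.split(".")[-2:])


def check_link(url):
    """Classify a link as trusted, a lookalike of a trusted site, or unknown."""
    domain = registered_domain(url)
    if domain in TRUSTED:
        secure = urlsplit(url).scheme == "https"
        return "trusted" if secure else "trusted domain, not https"
    name, _, tld = domain.partition(".")
    normalised = name.translate(LOOKALIKES)
    for good in sorted(TRUSTED):
        good_name, _, good_tld = good.partition(".")
        if name == good_name and tld != good_tld:
            return f"lookalike: .{tld} instead of .{good_tld} for {good}"
        if normalised == good_name:
            return f"lookalike: swapped characters imitating {good}"
    return "unknown"


# Constructed sample links covering the cases named in the text.
SAMPLE_LINKS = [
    "https://www.amazon.com/deals",
    "http://amazon.com/deals",
    "https://amaz0n.com/black-friday",
    "https://walmart.co/gift-card",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"{check_link(link):55} {link}")
```

A result of "unknown" only means the domain does not resemble anything on the allowlist; it says nothing about whether the site is safe.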

3. Malicious ads

Another common tactic to stay alert for is malicious ads. Creating convincing ads is even easier than creating a genuine-looking website. Particularly skilled scammers can even get their ads placed on major platforms such as Google. The holidays see a surge in fake ads and, unfortunately, they can be hard to verify.

The best advice to give regarding fake ads is to simply avoid clicking on ads in general. If you are interested in a deal in an ad, the safest thing to do is to navigate to the retailer’s website yourself and find it there.

8 tips to protect your data against Black Friday scams:

  1. Inspect all links before clicking: When evaluating promotional emails or ads this holiday season, be sure to inspect the hyperlinks before clicking on them. You can do this by hovering your cursor over the hyperlink without clicking on it. The URL for the link will pop up, usually in your browser’s bottom left corner. If the URL is not for the same company that sent you the email or if it looks suspicious, do not click on it. Also be very suspicious of any links you find via social media, especially shortened URLs, which are much harder to evaluate yourself.
  2. Do not share your data unnecessarily: If an email is requesting that you respond with personal or financial information, treat that as a red flag. Never share sensitive data with corporations via email. Furthermore, you should never need to share more than your name, address, and phone number when shopping online. There should never be privacy or security questions when you are checking out.
  3. Find the deal yourself: If you are interested in one of the promotions in an ad or an email, it is much safer if you go directly to the retailer’s website in your browser and search for your desired product rather than clicking on the ad or the link in the email itself.
  4. Make sure the website you are on is secure: Before entering any sensitive information — name, address, or credit card numbers — into a website, ensure that the website is using encryption and verify its certificate. A website is encrypted if its URL begins with “https:” rather than “http:” and there is a green padlock next to the URL. By clicking on this padlock you will bring up the website’s certificate. Verify that the certificate: comes from a trusted source, such as VeriSign, Symantec, or Entrust; has been issued for the organization that owns the website you are on; and is only valid for a year or two.
  5. Use verified apps: If you are shopping on your mobile device, be sure to only make purchases via apps downloaded from the official app marketplaces, such as Google Play or the Apple App Store. Even then, be skeptical of new or recently released apps that claim to be from a major brand. Each holiday season sees a new batch of fake apps flood the market, while most major retailers have had their apps out for several years now.
  6. Protect your Internet connection: The best way to do this is to use a VPN service. This prevents a malicious WiFi hotspot or DNS server from redirecting you to a phishing page if you are on an untrusted network. By using a VPN, you prevent any hackers from monitoring your online activity, especially when using public WiFi.
  7. Set up credit card alerts: Given the additional risk of a hacker stealing your credit card data, it is not a bad idea to set up a purchase alert with your credit card company. They can send you an email or SMS every time your card is charged. Be sure to set the limit as low as possible so that hackers cannot rack up hundreds of $19.99 charges undetected.
  8. Have some healthy skepticism: If you find an incredible deal or if an unbelievable offer is emailed to you unsolicited, there is a good chance you are being scammed. If an ad offers an outrageous deal, do not click on it. Try to find it at that company’s site yourself. Remember, if a deal looks too good to be true it probably is.

Take some additional time while shopping to remember the eight tips above and have a happy holiday season!

Best Regards,
The Proton VPN Team
