This time of year offers scammers the perfect opportunity to trick users into thinking they’ve found a great deal and must act quickly, only to find themselves the victim of a Black Friday scam.
Unmissable deals, a limited time period, and billions of pounds being spent online – it’s music to cybercriminals’ ears.
The consequences of Black Friday scams can be devastating for both businesses and consumers – here are our top tips for avoiding them.
Festive shoppers urged to be Cyber Aware as figures reveal average online losses of £1,000 in 2021
~ National Cyber Security Centre
What kind of Black Friday scams are out there?
Impersonation sites
Scammers use impersonation (spoofed) websites to advertise fake Black Friday deals, steal your credit card information to use or sell, and possibly grab other personal information such as your name and address.
During Amazon Prime Day 2020, hundreds of sites were found to be replicating the Amazon site in order to trick users into divulging personal and financial information. Emails impersonating Amazon would be sent out, claiming to be about order cancellations or returns. This would lead users to a site that impersonated an Amazon customer service website, asking users to fill out a form with their personal and financial details.
The easiest way to avoid a cloned site is to make sure you’re visiting the official website. To make sure of this, you can check the URL to see if there are any typos and the correct domain is being used, for example ‘.co.uk’. You can also bookmark the website you want to visit for easy access.
Phishing emails
In Black Friday phishing emails, you may receive an email or other message from well-known retailers suggesting that there’s something wrong with an item you ordered, your account, or claim to share offers that seem too good to be true. Scammers aim to take advantage of your concern – or your eagerness to get a great discount – and lure you into sharing sensitive information.
Phishing emails are meant to trick you into clicking a suspect link, providing your bank login credentials, or other personal information.
If you click on a phishing link, you should act right away. If you provided login credentials for any site, you should immediately change your username and password. If you entered any bank details, you should contact your bank straight away and cancel your card. The bank should reissue you with a new card.
Messaging apps and social networks
Increasingly, cybercriminals have been using social media and messaging platforms in order to come across as trustworthy to unsuspecting users.
In 2018, WhatsApp was used by hackers to trick users into believing they had been awarded a 99% discount at various retailers. The link exposed victims to malware and other cyberattacks.
The best way to notice a scam via this method is to check for unknown numbers or any misspellings or grammatical mistakes, or wording asking you to click a link or forward a message. If you receive a message that matches these criteria’s, you should delete immediately.
How to avoid getting scammed on Black Friday
Double-check the web address
Scammers will often create very similar domain names to those they are impersonating, so double-check that you’re on the correct website. They may have added in hyphens or duplicated a letter, which isn’t always easy to spot. Broken links, typos or slow-loading pages can be a giveaway that you’re on a scam site and not an official one.
Always make sure the website you’re using is secure. A secure URL should begin with ‘https’ rather than ‘http’. The ‘s’ in ‘https’ stands for secure, which indicates that the site is using a Secure Sockets Layer (SSL) Certificate.
Secure sites will also have the padlock symbol next to the web address – this indicates whether or not your information – such as passwords and card details – is secure and will not be intercepted when sent to this site (the padlock doesn’t guarantee that it won’t be stolen once it gets there, though, so it’s important to check you’re on the correct website before entering any information).
Be cautious of clicking links in emails
Emails about the latest offers and big discounts can be enticing but think twice before you click.
Scammers can make it look like their emails are from a particular brand, but on checking the actual email address you may find that it’s a ruse.
Other things to look out for include spelling and grammar mistakes, a sense of urgency persuading you to act immediately, and discounts that are much bigger than usual.
Don’t buy from shops you haven’t heard of
The combination of Black Friday discounts and the rise of e-commerce means that popular items will likely go out of stock quickly. However, this doesn’t mean you should go searching elsewhere and buying from websites you haven’t heard of before. Instead, you want to stick with the big brands you know.
Buying from well-known brands, or supporting local businesses that you know of, gives peace of mind that your money is going to a legitimate company and that you will receive the items you buy instead of being scammed.
Top tips for consumers
- Shop with a credit card instead of a debit card – they offer increased payment security and retrieving money lost to fraud is much easier.
- Use your own Wi-Fi network rather than a public connection as it is easier to hack
- If you’re unsure about a link sent to you by email or message, go directly to the official website.
- Regularly review your bank and credit card statements for unusual activity.