Skip to content

Mobile and web technologies

New technologies in everyday accessibility

  • Home
  • Mobile technologies
  • Web technologies
  • Contact
  • Home
  • 2022
  • July
  • 10
  • Don’t fall for these clever Black Friday scams this year

Don’t fall for these clever Black Friday scams this year

Posted on 10.07.2022By MobiletechNo Comments on Don’t fall for these clever Black Friday scams this year
Web technologies

The day after Thanksgiving is one of the biggest shopping days of the year, and despite a worldwide pandemic, shoppers spent a record $9 billion on Black Friday back in 2020, an increase of 21.6% over the previous year, according to Adobe Analytics.

And with all that money flowing from one wallet to another, cybercriminals will unfortunately look for a way to get a piece. Although scammers work year-round, it’s during the holiday season that they look to exploit the spirit of giving, which proves lucrative.

The scams are wide-ranging: As retailers like Amazon, Best Buy and Walmart roll out deals over the holidays, fraudsters put out elaborate websites to trick you into spending money on products you’ll never receive. You may receive text messages or emails claiming you’re eligible for a refund for an item you never purchased, just so that thieves can get you to reveal your card information. You might even be enticed into donating to a charity that provides homes for abandoned puppies — that just doesn’t exist.

Although scams come in all shapes and sizes, the red flags are always there. Here’s what you need to know about Black Friday scams and how to avoid becoming a victim this holiday season.

4 holiday shopping scams to avoid in 2020: Phishing, pyramid schemes and more

See all photos

Fake websites and fraudulent apps go ‘phishing’

In a phishing scheme, the goal is for hackers to get their hands on your personal information, like your credit card number, social security or account password. Pretending to be a large retail corporation, the fraudsters send out an official-looking email or text message, usually with a link to a fraudulent website designed to look just like a legitimate site.

Researchers at security firm Avanan recently discovered that hackers have been sending out spoofed Amazon order notification emails in recent months. The email resembles your run-of-the-mill order confirmation, except that the order is false and the charge is significant.

Naturally, if you believe you’re being charged for a substantial amount, you would want to reach out to Amazon. But in this instance, if you use the link in the phishing email to get in contact, you’ll be redirected to a fake Amazon webpage with a false phone number to dial. If you call, the fraudsters won’t initially pick up, but they’ll soon call back, asking you to provide your card number, expiration date and CVV to “cancel the order.” And just like that, they’ve got your information.

These types of attacks are commonplace throughout the year, but expect a surge in messages claiming to be from Amazon, Best Buy, Walmart, Target or other large retailers during the holidays. 

If you receive an email asking you to update your payment method or requesting other personal information, contact the company’s help desk to make sure the email is legit before you do anything else. 

Other ways to identify a phishing email, according to the Federal Trade Commission and StaySafeOnline.org, include: 

  • The sender’s email address looks almost right but contains extra characters or misspellings.
  • There are misspellings or bad grammar either in the subject line or anywhere in the body.
  • They address you with generic terms (“Mr.” or “Ms.” or “Dear Customer”) instead of by name.
  • The message warns that you need to take immediate action and asks you to click a link and enter personal details, especially payment information.
  • The messages promise a refund, coupons or other freebies.
  • The company logo in the email looks low-quality or just plain wrong.
mobile-payments-visa-paywave-chip-security-credit-cards-4885.jpg

Credit card skimming at one point required physical hardware, but nowadays hackers are inserting malicious code directly on retailers’ websites to steal customers’ credit card information.


James Martin/CNET

Credit card skimming goes all-digital

You’ve seen it in movies. A hacker places an object over a card reader, disguised to look like part of the ATM, and then waits for people to swipe their cards. A day or week later, the thief takes the object — known as a skimmer — back and collects the mountain of stolen card information stored inside, which they can then use to make purchases, withdraw money and more.

In real life, skimming attacks such as these account for millions in stolen cash each year. Just this past January, criminals in New Jersey attempted to steal $1.5 million via coordinated skimming attacks on thousands of bank customers. 

And while there was a drop in traditional skimmer attacks in some places last year, the schemes have flourished on the digital side. 

Instead of using physical hardware to steal payment card numbers, hackers can insert malicious code directly on a website to do the same thing as traditional skimming, but with online payment information instead.

Regarding e-skimming incidents — or sometimes called Magecart attacks after then name of the software used — Tim Mackey, principal security strategist for Synopsis, a digital security company, warns, “There isn’t an obvious way for the average person to be able to identify if or when a website has been compromised. The only potential tell-tale sign might be that the website itself doesn’t quite look ‘right.'” 

Mackey suggests a few strategies you can can use to protect yourself: 

  • Don’t save your credit card information on retail sites.
  • If possible use a third-party payment method like Apple Pay, Google Wallet or PayPal.
  • Enable purchase alerts on all your credit cards.
  • Disable international purchases on all credit cards.
  • Only make purchases over your home network or cellular network, never on a public Wi-Fi where your payment could be intercepted.

Avoid the ‘Secret Sister’ gift exchange — it’s a pyramid scheme

Originating on Facebook, this sketchy gift exchange among internet strangers plays off the popular workplace practice of “Secret Santa,” a game where each person in a group buys a present for one other randomly selected group member, without the gift-giver revealing their identity. 

Instead, in Secret Sister, it’s a pyramid scheme dressed up in holiday clothes, according to the Better Business Bureau. The “Secret Sister” exchange invitation promises you’ll receive about $360 worth of gifts after purchasing and mailing a $10 gift for someone else. A variation includes swapping bottles of wine. And there’s even “Secret Santa Dog,” in which you gift money to a “secret dog.”

Unfortunately, bad math hasn’t stopped this scam from resurfacing year after year. If you fall for it, you’ll probably be out 10 bucks when you don’t receive any gifts in return and you may lose personal details too because the scam involves sending your name, email address and phone number to people you’ve never met in person.

The Better Business Bureau recommends you deal with any request to become a Secret Sister by ignoring it — do not give your personal details to online strangers. You can also report the invitation to Facebook or whichever social network you were approached on.

salvation-army-amazon-wishlist-slide

Not all charities are reputable, which is you may need to research before you donate.


The Salvation Army

Your donations might be going to a ‘faux charity’

During the holiday season, it’s not uncommon to give back to the community. In fact, nonprofit organizations typically see an increase during the fall — the last three months of the year make up 36% of all charitable giving during the year, according to Blackbaud Institute, which creates fundraising applications.

Unfortunately, scammers take advantage of this generosity to make a bundle for themselves.

The way these charity fraud scams typically work are by impersonating other successful charities. And it’s no wonder they work: The scammers come up with real-sounding charity names, create credible websites, run successful social media campaigns — and they’re persistent.

Scammers typically call you using local phone numbers, which give you a false sense of security. However, it’s incredibly easy to spoof an area code. Next they’ll make their pitch, and it’ll be a good one. It will tug at your heart-strings, but they’ll never actually specify how they’ll help. And they may even claim that you’ve made a donation before, and suggest that you make another, and that if you do, it’ll be tax-deductible. And it’ll all be a lie.

If you get a call from a charity and sense some red flags, the AARP and FTC suggest that you do the following:

  • Do your research. Use a watchdog like CharityWatch to get more information about a charity and learn how credible it is. Or use Google.
  • Pay close attention to the charity name and website. False charities like to mimic other popular charities. If it seems too close in name to another, it might not be real.
  • Keep track of your donations. Even if you accidentally donate to a scammer, you need to ensure that the donation isn’t recurring.
  • Don’t give away all your personal information. Of course it’s normal to provide your card information, but don’t do the same with your Social Security number or bank account number.
  • Don’t make a cash donation. Unless you’re certain about a charity’s credibility, don’t give away cash, gift cards, or cryptocurrency.

Covid isn’t the only thing you must protect yourself again during the holiday season. If you’re interested in security and privacy, check out how to protect yourself from identity theft, how to protect your phone app privacy, and which cryptocurrency scams to look out for.

Post navigation

❮ Previous Post: A new iPad accessory adds assistive eye tracking
Next Post: Cryptocurrency faces a quantum computing problem ❯

You may also like

Web technologies
Oculus Quest update adds fitness tracker app, and Quest 2 gets 90Hz games
17.08.2022
Web technologies
Apple’s new MacBook and Mac Mini could change PCs as we know them
17.08.2022
Web technologies
Apple’s Swift Playgrounds 4 lets programmers submit apps to the app store
07.07.2022
Web technologies
How to take a screenshot on a Chromebook
07.07.2022

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Fresh Records

  • Samsung Galaxy S23 vs Galaxy S23 Ultra: expectations
  • Oppo Find N2 vs Samsung Galaxy Z Fold 4: new foldable phone wants to dethrone the king
  • Galaxy S23 Plus vs Galaxy S23: What to expect
  • Samsung Galaxy S23 Plus vs Galaxy S23 Ultra: all differences to expect
  • Samsung Galaxy S23 Ultra vs OnePlus 11: what to expect

Fresh Comments

No comments to show.

Archives

  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022

Headings

  • Mobile technologies
  • Web technologies

Copyright © 2023 Mobile and web technologies.

Theme: Oceanly News by ScriptsTown

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT