Written By Digital Content Editor Thomas Ahearn
While online shopping deals roll out on “Black Friday,” the Friday after Thanksgiving that traditionally starts the Christmas shopping season, and “Cyber Monday,” the Monday after Thanksgiving, “so do some of the worst Black Friday and Cyber Monday scams,” according to a blog from McAfee, a worldwide leader in online protection.
“Hackers, scammers, and thieves look to cash in this time of year by blending in with the holiday rush, spinning up their own fake shipping notices, phony deals, and even bogus charities that look legitimate at first glance,” the blog warns. Here are McAfee’s top five online shopping scams to avoid on Black Friday and Cyber Monday:
- The Fake Order Scam: Come this time of year, keeping tabs on all the packages you have in transit can get tricky. You may have an armload of them enroute at any given time, and scammers will look to slip into this mix with phony order confirmations sent to your mailbox or your phone by text. Packed with either an email attachment or a link to a bogus website, they’ll try to get you to download malware or visit a site that attempts to steal your identity. HOW TO AVOID: These messages can look quite legit, so the best way to keep track of your orders is on the sites where you purchased them. Go directly to those sites rather than clicking on any links or attachments you get.
- The Phony Tracking Number Scam: This scam plays out much like the fake order scam, yet in this case the crooks will send a phony package tracking notification, again either as a link or as an attachment. For starters, legitimate retailers won’t send tracking numbers in an attached file. If you see anything like that, it’s surely a scam designed to inject malware onto your device. In the case of a link, the scammers aim to send you to a site that will steal your personal info, just like in the case above. HOW TO AVOID: Once again, the best way to track your packages is to go to the source. Visit the online store where you made your purchase, open your current orders, and get your package tracking information from there.
- The Bogus Website Scam: A classic scammer move is to “typosquat” phony email addresses and URLs that look awfully close to legitimate addresses of legitimate companies and retailers. So close that you may overlook them. They often appear in phishing emails and instead of leading you to a great deal, these can in fact link you to scam sites that can then lift your login credentials, payment info, or even funds should you try to place an order through them. HOW TO AVOID: You can avoid these sites by going to the retailer’s site directly. Be skeptical of any links you receive by email, text, or direct message—it’s best to go to the site yourself by manually typing in the legitimate address yourself and look for the deal there.
- The Hot Deal Scam: At the heart of holiday shopping is scarcity. And scarcity is something scammers love. There’s always some super-popular holiday item that’s tough to find, and scammers will spin up phony websites and offers around those items to lure you in. They may use the typosquatting technique mentioned above to pose as a legitimate retailer, or they may set up a site with their own branding to look legitimate on their own (or at least try). Either way, these scams can hurt you in a couple of ways—one, you’ll pay for the goods and never receive them; and two, the scammers will now have your payment info and address, which they can use to commit further fraud. HOW TO AVOID: If the pricing, availability, or delivery time all look too good to be true for the item in question, it may be a scam designed to harvest your personal info and accounts. Use caution here before you click. If you’re unsure about a product or retailer, read reviews from trusted websites to help see if it’s legitimate. (The Better Business Bureau is a great place to start.)
- The Fake Charity Scam: In the season of giving, donating to charities in your name or in the name of others makes for a popular holiday gesture. Scammers know this too and will set up phony charities to cash in. Some indications that a phony charity has reached you include an urgent pitch that asks you to “act now.” A proper charity will certainly make their case for a donation, yet they won’t pressure you into it. Moreover, phony charities will outright ask for payment in the form of gift cards, wire transfers (like Western Union), money orders, or even cryptocurrency—because once those funds are sent, they’re nearly impossible to reclaim when you find out you’ve been scammed. HOW TO AVOID: There are plenty of ways to make donations to legitimate charities, and the U.S. Federal Trade Commission (FTC) has a site full of resources so that you can make your donation truly count.
The blog tells online shoppers they can avoid scams on Black Friday and Cyber Monday by sticking with known retailers online, looking for “https” in browsers when shopping, paying with credit cards instead of debit cards, using two-factor authentication, and using a virtual private network (VPN) when shopping on public Wi-Fi.
Employment Screening Resources (ESR) is a service offering of ClearStar, a leading Human Resources technology company specializing in background checks, drug testing, and occupational health screening. ClearStar has numerous certifications to protect against identity theft and fraud. For more information, contact ClearStar.
ClearStar and ESR offices will be closed in observance of the Thanksgiving holiday on Thursday, November 24, 2022, and Friday, November 25, 2022. ClearStar and ESR will resume regular business hours on Monday, November 28, 2022. Best wishes for a safe and wonderful Thanksgiving holiday from ClearStar and ESR!
NOTE: Employment Screening Resources (ESR) – a service offering of ClearStar – does not provide or offer legal services or legal advice of any kind or nature. Any information on this website is for educational purposes only.
© 2022 Employment Screening Resources (ESR) – A Service Offering of ClearStar – Making copies of or using any part of the ESR News Blog or ESR website for any purpose other than your own personal use is prohibited unless written authorization is first obtained from ESR.
Share on Social Media