In case you’re not aware what Black Friday is, it’s the day after Thanksgiving and this is when both online and in-store retailers cut prices, provide special offers and discounts on many of their products and services. In recent years the UK market has also jumped on board to offer deals and discounts.
Following a year of high profile cyber security breaches, companies are facing increased pressure to ensure that they have sufficient protection in place to protect customers’ personal data both online and instore as they prepare for one of the biggest shopping day in the year’s retail calendar.
It’s important for you to be aware of the various types of scams and understand the simple steps that you can take to remain safe and secure this Black Friday. Cybercriminals will target consumers this year- and that’s a fact. Below are the top Black Friday scams expected to hit consumers this year.
The convenience of having your receipt emailed to you instead of cluttering up your wallet or handbag will appeal to many customers. However, this year we can anticipate that digital receipts may contain a different type of information than the one you were expecting.
Fraudulent or fake receipts will be sent to unsuspecting consumers in the hope that they will open emails. The email headline will usually include a catchy title, thus provoking an emotional reaction such as fear or curiosity. Usually the fear will be that you have overspent and bought more than you realised, even though the receipt may reference a store that you may not have visited. Curiosity will occur due to the fact that we expect that it has been delivered to the wrong recipient or it is a gift bought by someone else. Either way, this emotional reaction is exactly what the fraudsters were aiming for. They are also hoping that this reaction will ensure that you click on the link or visit the website listed within the email. These links or email usually contain malware or something equally as sinister.
In a similar thread, delivery confirmation are similar threats as the digital receipts. Delivery confirmations are sent directly to the recipient’s email account and usually contain a link where you can track your parcel or delivery. These confirmations are bogus emails that contain malicious links.
Digital coupons are provided by retailers to entice consumers to travel to stores or shop online. Customers can use these coupons to save money on their purchases by downloading these coupons, printing them out and using them in-store or on the store’s website. Consumers will usually have to fill in their personal details such as name and email address to gain access to the coupons. But fraudsters are creating fake coupons and are sending these out to unsuspecting consumers via email. They will either use the coupon download to gather your personal details for phishing scams, or they may use the download to install malware on your system.
Digital marketing plays a huge role in offering discount codes, downloadable vouchers and other sale information. One scam to be aware of this Black Friday is the “Facebook like”. Scammers will post “deals” that are too good to be true, hoping that Facebook users will like or share their posts in hopes of winning.
Once the post receives enough likes, Facebook’s algorithms will start to recognise the post and will promote it on other sites. Once the post starts to have some traction, the scammers will then change the content to capture Facebook users’ personal details or they will hide malicious links in the content.
Like the “Facebook like” scam, digital marketers for retail brands have started using QR codes to entice consumers to their Black Friday sales. Legitimate QR codes provide links to websites, coupons and other discount information. Cybercriminals are now hijacking QR codes by placing a fake sticker on top of an existing QR Code sticker or by embedding it into an email. These fraudulent QR codes link to fraudulent sites or malware downloads where unsuspecting users.
To avoid being caught by scammers this Black Friday it is important to be vigilant and raise awareness of these scams. Some of our other best practices include:
If it’s too good to be true, then it probably is!
It’s unrealistic to think that a coupon for 75% off products from an expensive retail brand is only offered on a specific website rather than the brand’s own website. Stick to the brand’s own legitimate website and try to type the specific website URL into the address bar rather, than using a search engine.
Share the love not the likes
Review posts before you like them or share them. Trust your instincts and protect your friends from fraudulent posts. It is important to review the content that you may have previously liked or shared. If the content has changed or it looks different then it is best practice to unlike or un-share it and always flag it with the social networking site.
If the product is for free – then you are giving your information away for free
Be careful what personal information you give away in order to receive the free coupons, discounts or vouchers. If the coupon is for free and asking for personal details then, it’s more than likely that you could receive unwanted malware or become a victim of identity theft.
Be aware of social engineering and the scams that will target you both at home and at the workplace
Being aware of social engineering and the practices that cybercriminals will take to steal your information will help protect you and your company. Awareness will help you be more vigilant and less susceptible to falling for their scams.
Metacompliance are producing a new range of social engineering eLearning courses to the market. If you are interested in raising awareness amongst your employees and colleagues, then contact us today.