Although Black Friday and Cyber Monday started out as very much an American tradition, it is now firmly ingrained in the psyche of those on both sides of the Atlantic. We’ve all seen the chaotic scenes of the foot traffic that descends on shops at this time of year and as a result this has seen many people decide to snag a bargain from the relative safety of their computer, tablet or mobile device.
For example, last year’s Black Friday broke US online sales records with $3.34 Billion being spent online, a 17.7% increase on the sales of the previous year. According to PayPal, consumers embraced mobile shopping during last year’s Black Friday so much that PayPal handled $15,507 in payments per second.
Let’s face it, most of us will at least have our interest piqued by Black Friday. Even if we don’t buy anything, we’ll likely have a snoop through the festive bargains anyway. However, when using our electronic devices for online shopping, it’s important to be vigilant as this shopping extravaganza is one which cyber criminals capitalise on.
Have a look at our seasonal phishing template below. Would you fall for it? We’ve created this to mimic the types of emails you would receive from would be scammers.
Action Fraud, the National Fraud and Cyber Crime Reporting Centre, have revealed that they have received multiple reports this festive season from victims who have been sent convincing looking emails claiming to be from Amazon.
Hackers can spoof emails from Amazon to make them appear as if they come from firstname.lastname@example.org. In the example above it appeals to the recipient to sign up for big savings throughout Amazon’s Black Friday week. In this example, it claims to offer 50% off Prime memberships.
If the user clicks on that link it will then take them through to an authentic looking Amazon page that asks them for their important details such as name, address and bank card details in order to get their 50% off Prime membership. It is precisely this level of sophistication that you should look out for.
Here is a handy guide on what you should look out for with any email:
• the sender’s email address doesn’t tally with the trusted organisation’s website address – it may contain one extra character or misspelling.
• the email is sent from a completely different address or a free web mail address
• the email does not use your proper name, but uses a non-specific greeting like “dear customer”
• a sense of urgency; for example, the threat that unless you act immediately your account may be closed
• a prominent website link. These can be spoofed or seem very similar to the proper address, but even a single character’s difference means a different website
• a request for personal information such as user name, password or bank details
• the email contains spelling and grammatical errors
• you weren't expecting to get an email from the company that appears to have sent it
• the entire text of the email is contained within an image rather than the usual text format
• the image contains an embedded hyperlink to a bogus site.
Remember that the holidays provide ample opportunity for cyber criminals to take advantage of the unsuspecting. Be vigilant and stay safe while grabbing yourself a bargain on Black Friday or Cyber Monday.
For more tips on how to avoid festive scams this Christmas, check out our upcoming webinar.
Have you experienced a sophisticated scam recently? Perhaps one that has used the festive season and the shopping holidays to lure users in. Let us know in the comments below.