5 scams to watch out for when shopping online Previous item Risks and controls of... Next item Cyber insurance and your...

Online shopping


We all love to do a bit of online shopping and according to recent statistics compiled by the Australian Bureau of Statistics, three out of four internet users regularly purchase goods online. And with our propensity for digital bargain hunting set to increase year upon year, there also comes a greater chance of potential attack and exploitation.

Here are five of the most common threats that you face when shopping online and some ways to combat them:

1 Seasonal email phishing scams

Scammers know that you’ll probably have your eye out for emails chock full of great sales, last minute discounts or even parcel tracking information. This makes it a great time for them to launch some seasonal phishing scams to try and lure you to malicious sites or malware.

Some of the most common malicious emails during the holidays are fake FedEx or DHL messages claiming a delivery failed, fake credit card warnings or bogus sales. These emails will look legitimate but will often contain malware or a ransomware variant such as a rather nasty one called Cryptolocker which poses as FedEx, DHL or even Australia Post and has already cost many people a lot of money.  The best way to prevent this type of attack is to avoid clicking links and attachments in unsolicited emails.

2 Fake product giveaways

Every year the holiday shopping bonanza brings us at least one or two “must-have” items for the holiday season, whether they are the brand new LEGO set or the latest gaming console. Cyber criminals do their research and know which items are going to be popular before they hit the market, so use them to lure unsuspecting victims to their trap.

This year, scammers are using the PlayStation 4 and Xbox One to try and steal personal information from victims by tricking them into filling out details to win one of these next-generation consoles.

Of course there’s always the chance one of these giveaways might be legit, but you should be careful where you share your information, and what type of information you’re willing to give up.

3 Dastardly Digital Downloads

During the festive season, hackers will rely on some classic tricks, such as the free Christmas screensaver, ringtone, or e-card offer. In such cases, the adage “if it sounds too good to be free, it probably is” is one you should always fall back on and be careful what you download.

4 Fraudulent e-commerce sites

Cyber criminals have become more sophisticated and setting up a fake website is cinch for them to do. There are a tonne of fake banking sites, social networking sites and even online shopping stores that look just like the real thing but are designed to leverage your trust and steal your personal information, such as your credit card number, or force you into a drive-by download malware infection.

When visiting sites, always pay close attention to the domain names you visit, and double check any online retailers before ordering from them.

5 Booby-trapped Ads and Blackhat SEO

Cyber baddies are always looking for new ways to get you to come to their dodgy web sites. While phishing emails, instant messages, and social network posts with appealing links work, there’s always something new to lure people in.

Two popular new things to watch out for are malicious online ads and search engine optimisation (SEO) tricks. They cleverly buy online ad space or hack online ad systems putting their fake advertisements on legitimate web sites, which redirect back to malicious sites. They also use various SEO tricks to get their web sites to show up in the top results for popular searches.

While criminals are getting smarter and using better techniques, using these tips will help combat them and allow you to shop online with piece of mind.

  • keep your software up to date – Always let Microsoft, Apple, and Adobe (and other products) automatically update your software – this will keep you a lot safer from most cyber attacks.
  • don’t click on unsolicited links or attachments
  • look for the padlock while shopping online – never not share your personal or financial info with an online retailer unless you see a green padlock
  • Use password best practices on shopping sites – You should use different, strong (i.e. long) passwords on every site you visit.
  • Vet online merchants before clicking buy – A little online research can go a long way. Do Internet searches on a merchant before buying from them, paying close attention to customer reviews. When people get scammed they tend to share, so a little research can help you identify fakes retailers.

Sourced – KnowRisk

Phone: (09) 525 3232
Email: enquiry@sit.co.nz
351a Great South Road. Ellerslie
Auckland 1051