The upcoming Black Friday / Cyber Monday weekend has evolved into the start of the holiday shopping season. Last year saw an increase in online shopping by almost 22% for a record of $9 billion over the weekend in 2020. Even though the pandemic is not in the same place it was a year ago, consumer behavior has changed over the past two years, and the number is expected to grow this year. With all of that money moving around the internet, cybercriminals will be looking to take advantage of consumers. Below are three scams we are tracking at the top of the list this year.
Item notification you didn’t order
The fake item is a classic phishing scam. You receive an email about an expensive item you ordered from Amazon or another large retailer, but you didn’t actually order the item. Usually the email shows an “issue” with the order and asks you to click the link to resolve the issue. Like most phishing emails, they are written to evoke emotion and make you click before you have time to think. This year, with the increase in text message phishing, we look for these types of attacks to move from email to the mobile phone.
Instead of clicking the link in your email or text message, take a moment, and log into the service they claim to represent. Look for the unwanted item in your order history instead of the link provided.
Fake delivery notification
Similar to the item you didn’t order, the delivery notification scam appears to come from USPS, FedEx, or UPS. The notification also will usually be an “issue” with your order that you can fix by clicking the link. These fake notifications may also come in the form of email or text message. Consumers are used to receiving legitimate text messages from delivery services with links in the text message, so it’s very easy for criminals to replicate a delivery service’s text format and plug in a malicious link.
If you have a package you are waiting for and receive a message from a delivery service, this likely means you have an account with the service. Instead of clicking the link in the text message, log into your account from a web browser and manage the options for delivery through their site.
Item never arrives
Consumers will be scouring the web for deals this weekend. Criminals set up fake websites for popular items, then by the time you realize the item never came, the web site is gone. We are already seeing phishing scams around popular game consoles this year. There is a documented phishing site for Walmart PS5 Black Friday pickup active now.
If there are items at a price too good to be true on a website you don’t recognize, it’s probably a scam. Be sure to deal with reputable retailers this weekend, and if you find an item on a site you are unfamiliar with, do your research. Look for a customer service phone number and a physical address for the company.
Quanexus IT Support Services for Dayton and Cincinnati
Request your free network assessment today. There is no hassle, or obligation.
If you would like more information, contact us here or call 937.885.7272.
Follow us on Facebook, Twitter and LinkedIn and stay up to date on by subscribing to our email list.