Unmissable deals, a limited time period, and billions of pounds being spent online – it’s music to cybercriminals’ ears. This time of year offers scammers the perfect opportunity to trick users into thinking they’ve found a great deal and must act quickly, only to find themselves the victim of a Black Friday scam. The consequences of Black Friday scams can be devastating for both businesses and consumers - here are our top tips for avoiding them.
What is Black Friday?
Black Friday originated in the US and has become increasingly popular within the UK in recent years. Occurring annually, the Friday after Thanksgiving, it’s a huge event that sees thousands of stores slash their prices for the weekend, so shoppers can take advantage of great deals in the run-up to Christmas. Black Friday has even extended into ‘Cyber Monday’ and further into ‘Cyber Week’ where deals can continue to be found online.
Black Friday scams will be even more common this year
In-person shopping was already on the decline, but Covid-19 and subsequent lockdowns accelerated this change, meaning more people are doing their shopping online rather than visiting brick-and-mortar shops. Much Black Friday shopping will be done online, even for those who aren’t internet-savvy and are unaware of cyber security best practices.
What kind of Black Friday scams are out there?
During Amazon Prime Day 2020, hundreds of sites were found to be replicating the Amazon site in order to trick users into divulging personal and financial information. Emails impersonating Amazon would be sent out, claiming to be about order cancellations or returns. This would lead users to a site that impersonated an Amazon customer service website, asking users to fill out a form with their personal and financial details.
Watch out for emails that suggest there’s something wrong with your account, or claim to share offers that seem too good to be true. Scammers aim to take advantage of your concern – or your eagerness to get a great discount – and lure you into sharing sensitive information.
Messaging apps and social networks
Increasingly, cybercriminals have been using social media and messaging platforms in order to come across as trustworthy to unsuspecting users. In 2018, WhatsApp was used by hackers to trick users into believing they had been awarded a 99% discount at various retailers. The link exposed victims to malware and other cyberattacks.
Double-check the web address
Scammers will often create very similar domain names to those they are impersonating, so double-check that you’re on the correct website. They may have added in hyphens or duplicated a letter, which isn’t always easy to spot.
Check for the little padlock symbol next to the web address – this indicates whether or not your information – such as passwords and card details – is secure and will not be intercepted when sent to this site (the padlock doesn’t guarantee that it won’t be stolen once it gets there, though, so it’s important to check you’re on the correct website before entering any information).
Be cautious of clicking links in emails
Emails about the latest offers and big discounts can be enticing but think twice before you click. Scammers can make it look like their emails are from a particular brand, but on checking the actual email address you may find that it’s a ruse. Other things to look out for include spelling and grammar mistakes, a sense of urgency persuading you to act immediately, and discounts that are much bigger than usual.
Don’t buy from shops you haven’t heard of
The combination of Black Friday discounts and the rise of e-commerce means that popular items will likely go out of stock quickly. However, this doesn’t mean you should go searching elsewhere and buying from websites you haven’t heard of before! Buying from well-known brands, or supporting local businesses that you know of, gives peace of mind that your money is going to a legitimate company.
Top tips for consumers:
- Shop with a credit card instead of a debit card – they offer increased payment security
- Use your own Wi-Fi network rather than a public connection that is easier to hack
- If you’re unsure about a link sent to you by email or message, go directly to the website
Top tips for retailers:
- Make sure your payment methods are secure and PCI compliant
- Actively look out for any potential scams impersonating your brand
- Implement cyber security measures to protect your website from attackers