Black Friday and Cyber Monday

Watch For Scams is dedicated to helping you avoid becoming a victim of fraud.

If you like this ezine, do a friend a big favor and forward this to them. If a friend forwarded this to you, and if you like what you read, please subscribe by visiting the link below:

Subscribe Here

Black Friday and Cyber Monday

And make money they do. In the last five years, the Internet Crime Complaint Center (IC3) said it has received 3.79 million complaints for a wide range of internet scams, resulting in $37.4 billion in losses.

Today, we’re warning of several online threats that could target you over the next few weeks and months: brand impersonation and fakes, credit card skimming, and malvertising.

1. Brand impersonation scams

Temu ads offer discounted PS5s

Scrolling through Facebook, we were presented with a couple of posts advertising discounted PS5s. Of course, it’s tempting to get a discount on high-value items like a PlayStation 5, but Temu doesn’t actually sell PS5s.

If you click the play button on the “video,” you are instead redirected to a Temu page selling various PlayStation accessories that are not official or in any way approved by Sony.

Fake Amazon offers you great deals this Black Friday

Amazon is relatively low cost, it’s convenient, and you can look at someone’s wish list on there. Except in this scam we caught online, the website isn’t really Amazon. The web address is amazonshops.vip/#/index. Fake online stores like this use Amazon’s branding to sell counterfeit products. Even if you take the risk and buy a knock off product, you have no guarantee of receiving the merchandise, and definitely no buyer protection.

Walmart makes it easy for you to buy gift cards

Nothing says “I saw this and thought of you” like a Walmart gift card on Christmas day. But make sure you are buying from the right website.

Again, we found a fake website address at walmartgift.net — this website might look Walmart, but it’s a fake that will happily take your money in exchange for nothing.

“USPS” now delivers you fraud

If you’re taking advantage of Black Friday sales and buying many things at once, it can be tricky to keep track of what you’ve ordered. Even if you do know what’s coming, you often don’t know which package service will deliver it to your door. Scammers take advantage of this and will send fake delivery notice emails that encourage you to click on them.

With this fake USPS site, you are asked to pay a small fee to have your delivery processed. However, once you hand over your card details the scammers can take whatever amount they like and sell your details to other criminals.

2. Credit card skimmers

When visiting a site that has a card skimmer on it, you’ll likely have no idea it’s even there. However, a single script injection is enough to steal your credit card data.

When looking at compromised websites, it can be hard to tell what—if anything—is wrong. However, if a site looks like it hasn’t been maintained in a while (for example, it displays outdated information, such as ‘Copyright 2022′) you should avoid entering in your card details. Most compromises happen because a website’s CMS and its plugins are outdated and vulnerable.

3. Malvertising increases in line with gift shopping

Ads originating in Pakistan and Vietnam account for 90% of the fraud.

Most (77%) of the accounts are used once only—created quickly and then burned. Once that account is dead, cybercriminals spin up the next one and on it goes.

No brand is safe from malvertisers. We’ve tracked campaigns that spoof Google, Amazon, eBay, Walmart, and Lowe’s.

Our advice: It’s not always easy to tell a real ad from a scam, so it’s best to avoid clicking on sponsored ads at all. Use genuine search results or navigate directly to the site yourself.

How to shop safely this holiday season

Don’t get rushed into making decisions. Scammers will use a sense of urgency to pressure you into performing quick actions before you can properly think things through. Take your time before doing anything like clicking links or entering card details.

Get an ad and malicious content blocker. If you’re blocking ads then you can’t be tricked into clicking on them. Keep an eye on your financial statements: An uptick in online shopping deserves an uptick in vigilance with checking online bank accounts, credit card statements, investment portfolios—in fact, any financial account data. Flag anything that seems suspicious with your provider.

Protect your online accounts. Use a different password for every account (a password manager is super helpful in generating and storing all your passwords), and set up multi-factor authentication (MFA) wherever you can.

Protect your devices: Most security products offer some kind of web protection that detects malicious domains and IP addresses, web and phishing protection.

Clean up your personal data online: Cybercriminals use publicly available information in their scams, so check what information is available about you online.

Remember - always watch for scams!