With Thanksgiving fast approaching, so are Black Friday and Cyber Monday.
last year, National Retail Federation Nearly 180 million unique shoppers were reported in the five days between Thanksgiving and Cyber Monday, beating expectations by more than 21 million. According to the NRF, 104.9 million of those shoppers visited brick-and-mortar stores, and 127.8 million shopped online (some both in-store and online).
Of course, Cyber Week brings major takeaways: Sales growth in 2021 drives nearly $40 billion in online spending, annualized adobe.
But the onslaught of online transactions isn’t just attracting eager shoppers — it’s also presenting cybercriminals with the perfect opportunity to scam people out of their money.
“Cyber Monday and Black Friday opened the door for adversaries to make offers,” said AJ Nash, vice president of intelligence at ZeroFox. “Perhaps if it were a Wednesday in July, you’d go, Man, this seems too good to be true. But come Cyber Monday, you’re gone, Oh, maybe this is a stepping stone.Maybe someone really gave away this amazing thing for free“
Nash worked in the intelligence community for nearly 20 years and described himself as a “traditional intelligence officer” before he was recruited to work on cyber-focused contracts before moving into the private sector.
entrepreneur Sit down with Nash to discuss how online scams have become more sophisticated over the years, and how to protect yourself from the most cunning cybercriminals.
RELATED: Cyber Fraudsters Made $2.3 Billion From Email Wire Scams
“Technology makes imitation easier.”
Phishing, the process by which attackers send fraudulent messages to trick others into sharing sensitive information or introducing malware, is one of the oldest techniques in the cybercrime books.
But the “spray and pray method” in which cybercriminals try to maximize the number of their scams for maximum payoff has been updated over the past few years, Nash said.
“Technology makes imitation easier,” he explained. “It costs very little to buy a domain name that looks very close to the real one. It’s a typo, or they use a lowercase ‘L’ instead of a capital ‘I’. There are so many different ways to set it up.”
From fake websites to text message scams, online scammers are adept at weaving webs that appear legitimate. For example, a link sent via SMS might return a website that appears to be genuine.
“The longer you go along those paths, the more trust it creates if the adversary is connecting things together and layering them,” Nash said. “If you believe the first thing, everything else reinforces your idea of being a potential victim.”
The scams themselves run the gamut, though no-delivery scams (in which shoppers are tricked into buying items that never arrive) and gift card scams (in which people are tricked into paying for or making purchases with virtually untraceable gift cards) remain some of the most common. .
Another rich man’s arena for scammers? social media.
“Social media is a huge opportunity,” Nash said, “to build social media accounts and get people on board, especially when you’re dealing with social media platforms that don’t do a particularly good job of policing what is and isn’t a valid account. When. What’s not.”
And, if you do fall for a fraudulent post, disaster can ensue with just one click. Click that link that promises a lifetime deal for the first 500 customers, and you risk having your personal information stolen or your device stolen.
RELATED: How to Avoid Being Defrauded by Influencers
How to Avoid Online Scams on Black Friday and Cyber Monday
So how do you stay safe when shopping for the best (legal) deals of the year?
First, never forget that if a bargain sounds too good to be true, it probably is, says Nash.
As soon as you suspect that you may be a target, do your own research. For example, if you receive an amazing offer with a link, don’t click on it.
Instead, Nash suggests, take a close look at the URL, searching for any changes to the real retailer’s URL—whether it’s a misspelling or a case swap. Copying the address into a word document and switching fonts makes it easier to spot the difference.
You should also pay close attention to the message itself. Inappropriate English and grammatical errors are red flags, Nash said.
Another simple strategy? Type the transaction into your browser and see if it shows up elsewhere.
“If you start Googling it and you seem to be the only one who knows where this thing is, chances are it doesn’t exist,” Nash explained. “You’re not that special. None of us are.”
It’s also good practice to avoid disclosing sensitive information as much as possible, even if the site appears legitimate. Consider using a separate credit card for online orders; some financial institutions even offer virtual credit cards. Both options prevent cybercriminals from “moving the rest of your finances laterally,” Nash said.
RELATED: 11 Ways to Protect Your Business from Cybercriminals
Also, it’s important to make sure you use different usernames and passwords for all your accounts.
“If they trick you into the site and you give out your information, [for a] A lot of people, it means you’re giving up everything because you’re not just giving up a Visa or a MasterCard,” Nash said. “It turns out that’s the only password and username that’s used for everything. Now more than ever, remember to randomize passwords and use password management and two-factor authentication. “
If you do make a purchase and have doubts afterwards, it’s probably not too late to protect yourself. First check to see if you have received a confirmation email with tracking information – if not, this is a bad sign.
“It happened to me, about 10 years ago,” Nash said. “I have a laptop – it’s unbelievably good, but not particularly good. And I got a tracking number that didn’t match; the post office couldn’t figure it out, etc. Well, look, that laptop The computer was never delivered to my house.”
But depending on your payment method and relevant insurance terms (which you should check before you shop), you may be able to get that money back, Nash points out.
Keep these strategies in mind for success and Safe Cyber Week this year.