Article Lead Image

How to avoid getting scammed on Cyber Monday

Christmas comes early for phishers.


Miles Klee

Internet Culture

Black Friday sales are ugly, cutthroat affairs, but finding your bargains in real life still presents a few advantages over the increasingly popular Cyber Monday: no usernames, no passwords, no pop-ups, and no identity theft. Digital crime is a rapidly expanding industry, and security experts have continued to warn that the year’s biggest online shopping event is a bonanza for con artists of all kinds. 

Everyone knows you ought to back up anything that can be wiped from your computer, beef up any privacy settings, and install the strongest anti-malware measures. Throughout your consumerist frenzy, you’ll skirt disaster nonetheless. Especially for a harried customer already suffering from decision fatigue, it’s all too easy to make one wrong click, so recognizing common red flags is key. 

Phishing attacks, in which a thief attempts to expose a password or credit card number, are popular right now; often they come in the form of an email or text, purportedly from your bank or another trusted business, that asks you to “confirm” or “verify” some sensitive personal information. Shoppers should be extremely wary of any unexpected message to that effect, or risk cooperation in their own hacking. Likewise, clicking on Twitter links or opening email attachments from unknown sources—“coupons” that have to be downloaded, for example—can introduce spyware that siphons out personal data. 

Last year saw many duped by a text message that promised a $1,000 Best Buy gift card in exchange for the recipient entering a code on phony websites and, and Scambook warned that a similar con may surface this year, possibly in connection with another retailer, like Target or Walmart. Yet another phishing scam relies on faked Google search results achieved with “blackhat SEO” techniques. Once people clicked through, “the javascript could detect Internet Explorer users and prompt them to install an ‘Internet Security Suite’ for the fake anti-virus notification they would also send. Users would download this security software, which itself was a virus.”

As far as browsers go, Google Chrome and Mozilla Firefox are considered more secure than Internet Explorer, but that doesn’t mean they’ll protect you from certain “one-day-only” websites and sellers of counterfeit goods. Even if no one steals your credit card info, you may be getting ripped off on product, so it’s best to stick to familiar, secure sellers (look for an “https” or lock icon in the URL to indicate that your info is being encrypted) and avoid special offers that look too good to be true—they almost certainly are. In fact, you’re better off leaving phrases like “Cyber Monday deals” out of your search queries altogether, since those are the telltale terms that hackers have latched onto.

Privacy software company Cocoon has a few final recommendations that may not have occurred to you: It’s better to pay with a credit card than a debit card, for one, because if the latter is compromised, the hacker will have access to your checking account, and it’s more difficult for a bank to reverse any unauthorized transactions. Secure home Wi-Fi is also vastly preferable to a public signal. Criminals, they note, have even used QR codes to infect a device with malware or link to a phishing site, so only use a QR scanner that will block and warn you of a malicious code.

Of course, when you’ve internalized all that, the really hard part begins: figuring out what on earth to buy for your sister.

Photo by Don3rdSE/Flickr    

The Daily Dot