Black Friday Scams: How to Stay Safe Online
As Black Friday approaches, more email scams are to be expected. To shed some light on these issues, first direct looked at the latest scams and most common tactics used by cyber criminals and collated tips on how people can protect themselves against these attacks.
Phishing emails & texts
Phishing emails are a common way scammers target their victims, and we expect to see an influx of phishing emails in the run-up to Black Friday, promoting deals and services you might want to make the most of for Christmas. Fake emails will be sent with the pretence they are from large organisations that customers will usually trust, selling services or products at discounted prices.
These emails will direct victims to a convincing copy of the company website they think they are interacting with, before asking users to input personal details, which will then be stolen.
Action Fraud advises that if you have received an email which you’re not sure about, forward it to the Suspicious Email Reporting Service (SERS): [email protected]. You can also report those directly to your bank.
Once the email is sent, the National Cyber Security Centre (NCSC) will analyse the suspicious email and any websites it links to. They’ll use any additional information you’ve provided to look for and monitor suspicious activity.
If they discover any activity that they believe is malicious, they may:
Seek to block the address the email came from, so it can no longer send emails
Work with hosting companies to remove links to malicious websites
Raise awareness of commonly reported suspicious emails and methods used (via partners)
Festive holiday fraud
In the run-up to Christmas, you might be wanting to book a winter break, or make the most of Black Friday deals to book a holiday for 2023. However, be careful on Black Friday.
Scammers sometimes target holiday and accommodation booking websites to trick customers into paying for services that are not available or do not exist.
In a lot of these situations, victims only realise they have been the victim of scamming when they turn up for flights or accommodation.
Here are ways consumers can spot a potential holiday scam:
You’re contacted unexpectedly by a travel agent or company you’ve never spoken to before, offering a holiday at an unusually low price.
The details, pictures or address of the property or hotel on offer look suspicious, or independent website reviews aren’t favourable or don’t exist.
You’re asked to pay using bank transfer or cash; pay with a credit card or with a debit card if you can for extra protection.
It looks too good to be true! If a holiday deal you see online feels a little bit too cheap, there’s a chance this could be a scam. Pause and consider the legitimacy of the website selling the deal.
Copycat government websites
In the run-up to the festive period, which is often an expensive time of the year, criminals will be aware that many people will be looking for support around the cost of living rise. Some criminals will lure users in with copycat websites and offer services such as energy bill support schemes, tax rebates, or other cost of living support measures. The scammers will often charge victims a fee for these services and not process any applications at all, or aim to steal your personal information.
If you receive a text or a call claiming to promote a Government support scheme, it’s important to be careful:
If you are due a tax rebate, HMRC will write to you – if you receive a text, call or email claiming to be from HMRC, it’s very likely to be a scam. Council tax and energy rebates are applied directly and customers do not need to apply for a refund.
Always access any resources about cost of living support through the official Government website
Bank impersonation scams
There’s been a steep rise in scammers pretending to be from your bank and urging you to move money into ‘safe accounts’. As we come up to Black Friday, scammers might use this occasion as a way to lure you into sharing your details by pretending to be your bank and telling you you’ve been victim of a Black Friday scam, assuming you might have made a purchase around this time.
They use clever techniques to seem legitimate, such as sending scam emails or texts, which urge you to click on a link, using information they’ve found out about you or calling from a number that looks legitimate.
There’s a number of ways stay safe from these scams:
· Never move money to a ‘safe account’ if asked to do so
· Never share any one-time codes
· Remember to challenge suspicious calls or texts and contact your bank directly using the number on your card
Parcel delivery scams
A very common scam around this time of year are parcel delivery scams, where you will receive a text or email appearing to be from a courier company or from Royal Mail, telling you you’ve missed a parcel and need to input personal details to organise a redelivery.
At a time of year where you’ll likely be buying things online and expecting deliveries, it can be very easy to fall victim to this type of scam, particularly as the text or email will often look perfectly legitimate.
To protect yourself, it’s important to do the following:
Don’t click any links in the email or text
Check the text or email for misspellings of your name or the courier company – if a text, this will often come from a random mobile number, and a fake email will often come from an email address that doesn’t look like a legitimate company email
Don’t input any personal information – a legitimate company won’t ask for personal details to book a redelivery
Treat any unexpected requests for money to request the delivery with suspicion
Other Ways to Protect Yourself Against Online Scams
You can protect yourself in a number of ways by applying some simple ground rules. Here are some tips for staying safe online compiled by first direct:
Stick with trusted companies and always check online reviews
If a deal feels ‘too good to be true’ – it usually is! Be mindful of anything that feels too cheap – there is usually a reason for this
Always use secure sites with “HTTPS” in the web address
Never give your passwords, PINs or bank account numbers
Never pay for goods by bank transfer and be suspicious if you are asked to do so
Use different “strong” passwords for different accounts, as this will help protect your information in data breaches
When entering sensitive information or online shopping while away from home, try to use your network data rather than less secure public Wi-Fi hotspots
Do not open suspicious texts, pop-up windows or click on links or attachments in emails – delete them
Instead of clicking on links in online ads, it can be more secure to visit retailer websites directly
Install security software such as anti-virus and two-factor authentication. This kind of software is often available for free.
Keep all security software and operating systems updated (this can be set to update automatically)
Book holidays directly with an airline or hotel, or through a reputable agent. Check whether they’re a member of the Association of British Travel Agents