As online shopping continues to grow, especially during the holiday season, cybercriminals are seizing the opportunity to lure victims with fake websites, counterfeit promotions and shopping scams.
The good news? You can shop online safely by recognizing common red flags and following a few simple tips.
Fake Online Stores
Cybercriminals create fake websites that mimic legitimate retailers or use the names of well-known brands. When you search for the best online deals, you may find yourself at one of these fake sites.
Criminals often promote them on social media with wildly discounted items. By purchasing from such websites, you can end up with your credit card information stolen, counterfeit or stolen goods or no delivery at all.
Protect yourself by taking the following steps:
- Shop with trusted retailers. Buy from online stores you already know and have done business with previously. Bookmark them in your browser. You may not find that incredible deal, but you are far less likely to get scammed.
- Be suspicious of deep discounts. If an ad or promotion is significantly lower than those you see at established online stores, it’s probably a scam.
- Check for contact details. Avoid websites with no contact information, broken contact forms or personal email addresses. A lack of physical addresses, phone numbers, customer service contacts and clear return policies is also often a clue of suspicious websites.
- Examine the web address. Be suspicious if a website looks just like one you've used in the past, but the domain name or store name is different. For example, you may be used to shopping at Amazon, whose website address is www.amazon.com, but this time, you end up at a fake website that looks similar, such as www.aamazon.deals.
- Search for reviews. Type the store’s name or URL into a search engine to see what others have said about it. Look for terms like "fraud," "scam," "never again" and "fake."
- Be wary of payment methods. Sites that only accept wire transfers, gift cards or cryptocurrency are often used by scammers.
- Secure your accounts. Protect your online accounts by using unique, strong passwords. If remembering them is difficult, consider storing them in a password manager. Enable additional security features such as multifactor authentication (MFA) and passkeys wherever they’re available.
Scammers On Legitimate Shopping Websites
Some online stores offer products sold by individuals or small businesses, and scammers can hide among them. Check each seller's reputation before placing an order by reading their reviews. Be wary of sellers who are new to an online store, lack reviews or who sell items at unusually low prices.
Online Payments for Purchases
Another way to protect yourself is to regularly review your credit card statements to identify suspicious charges. If possible, enable your credit card account to notify you by email, text or by app whenever a charge is made to your credit card. If you find any suspicious activity, report it to your credit card company immediately.
Use credit cards instead of debit cards for online payments. Debit cards take money directly from your bank account; if fraud is committed, you'll have a much harder time getting your money back.
Electronic payment services or e-wallets such as PayPal are also a safer option for online purchases, since they do not require you to disclose a credit card number to the vendor.
This article is redistributed with permission from SANS.