Seth Johnson
Everyone wants to start shopping early as Thanksgiving, Black Friday, Small Business Saturday and Christmas season approaches.
Shoppers want to buy and wrap gifts before crunch time requires express shipping. Businesses want to preempt competitors by offering sales earlier and longer. And scammers want to hijack both for their own gain.
Advanced robot, or “bot,” attacks ramped up before the holiday season last year, according to online security company Imperva. The company releases annual reports on the subject and found bot attacks increased 10% in October and 34% in November 2021.
And the Federal Trade Commission reports that Americans lost more than $5.8 million in 2021 from online fraud.
“Retail eCommerce has proven to be a highly profitable target for bad bot operators time and time again,” Imperva said in a 2022 report.
Companies and government entities publish disturbing fraud numbers each year, and most have only increased year over year. But simple steps also protect consumers from risk.
Of course, if you only visit brick-and-mortar stores, your risk of falling prey to online fraud plummets to zero. But for the rest of us, here’s some tips gathered from internet caches everywhere.
The list includes nothing earth-shattering, but the important part is taking the effort to implement one or a few of the ideas.
Stick to websites you know and trust
Fraud schemes range from simple to sophisticated. Technology allows scammers to create official looking retail websites that will disappear overnight after tricking customers into buying bogus items.
Familiar sites like Amazon, Macy’s and other national-recognized brands will stick around, but shoppers should make sure they arrive at the correct website. Scammers will steal company logos and wording to create fake websites.
Check for the “S”
In the URL, verified websites will display “https” while other sites only show “http.” The “s” stands for secure, and most browsers also display a padlock as an added help.
However, this isn’t a foolproof measure. Fake websites can also display an “s.” But a website without a secure setting should be avoided.
Do your diligence
If you click a social media ad and find yourself at an unfamiliar retail site, the company may be legitimate. But look out for awkward wording or a lack of contact information.
Many scams encourage the use of up-front payments like money orders, wire transfers, international funds transfers or pre-loaded cards. Some websites might only offer “special deals” with the use of these payments.
Scrutinize these sites even more closely.
A simple internet search might provide the answer. Open a new tab and Google, Bing or Yahoo the name of the store along with “customer reviews” or “fraud.”
Consider your payment
Jumping off the above point, consider using a payment option that provides protection.
Most credit cards can return your hard-earned money if you fall victim to a scam. Paying through PayPal or other verified third-party applications also offers an extra buffer.
“Password” isn’t a password
Those bad bots floating around look to take control of customers’ online accounts. With access to your Amazon or Walmart account, thieves can purchase items or swipe bank information.
Hackers, aided by tens of thousands of bots, can cover a lot of ground and use common passwords along the way. The top guesses: “password,” “qwerty” and “123456.” Even the extended version, “123456789,” has proven, surprisingly, unsecure.
That’s why many sites now require at least an upper-case letter or number. To protect yourself, try using multiple upper-case letters along with numbers and symbols.
According to best practice, you need to use multiple different passwords as well and should change them. If you want extra peace of mind, consider using a password manager. These programs help generate, store and use complex passwords.
Everyone hears the warnings, but shoppers need to actually take steps. Chances are, you won’t see the impact of your actions. But an ounce of prevention is worth the effort.
Check it twice
Consider using multi-factor authentication. Many top websites allow you to activate the setting. Whenever you, or someone impersonating you, tries to log in, the setting will force you to check your email or text messages to verify your identity.
Don’t trust social media
The Federal Trade Commission reports that scammers have crosshairs on social media. Users lost $770 million to scams originating on social media in 2021.
Companies like Facebook, Instagram or Twitter can’t verify every ad or account. An advertisement with slick marketing and a cool-looking project might lead to a sophisticated website and willingly takes your order.
But the warehouses and products may not exist. This is when a 30-second internet search could save the day.
Scrutinize and trust your instinct
Most everyone’s learned the lingo of surfing the internet. And that experience of clicking around legitimate websites will help sound alarm bells if a fake site pops up. Just take the time to listen and evaluate when you find yourself purchasing from an unfamiliar URL.
If you fall prey
If you’ve already made a purchase and suspect a scam, the Florida Department of Agriculture and Consumer Services recommends the following steps.
- First, try to contact the retailer or auction service. There may be a legitimate reason for the problem.
- If you are not satisfied with the response and suspect that it may be a scam, you may be able to arrange a charge-back through your financial institution if you have paid by credit card.
- Report suspected scams to the Florida Department of Agriculture and Consumer Services by filing a complaint.
- Spread the word to your friends and family to protect them.