Be ‘E’ careful and don’t get scammed this festive season
Avoid the scam traps in digital purchases this Christmas
Unless you are incredibly well organised and have smartly shopped the pre-Christmas sales, you are likely to be one of the many Australians who resort to e-gifting this year.
With no need to wrap a gift, write a card or send a bulky item in the post, buying an e-gift can be incredibly convenient. But there’s a catch.
E-gift cards raise some security issues, as all that stands between a criminal and money is a long alphanumeric code that can be stolen via cutting and pasting.
At the push of a button, customers can receive e-vouchers straight to their inbox or mobile device and, in most cases, instantly redeem their rewards, thereby avoiding physical, and perhaps inconvenient, trips to a retailer. E-vouchers can also be sent to multiple customers simultaneously and instantaneously. In addition, as online gift cards are practically impossible to lose, they offer yet another clear advantage over physical cards.
Although digital gift cards can seem like a perfect last-minute gift, as with everything in this online-era, the scam masters are out to steal your hard earned money.
People fall victim to holiday scams every year contributing to millions of dollars lost. While, the most popular holiday scams are phishing scams, which also includes voicemail-based phishing and SMS phishing (these scams use unsolicited emails, text messages and phone calls appearing to come from legitimate companies that request personal, financial and/or login credentials), this Christmas is expected to see a rise in card-draining. This is where offenders will steal gift card numbers and use the funds once the card has been activated by the unsuspecting user.
At the store, scammers will discreetly remove the gift card’s packaging, copy down card numbers and pin codes, and then return the cards to the rack. When someone purchases a card and adds money to it, the scammers can use the money remotely.
When buying a gift card, check if the packaging is open or has been tampered with and watch out for websites or social media ads promoting gift cards for popular retailers at steep discounts. These sites might be using offers to steal payment card numbers or other personal information.
According to the Australian National Anti-Scam Centre, there have been more than 250,000 scams reported so far in 2023, accounting for a total loss of more than $429 million.
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, said everyone needs to be aware of the dangerous scams doing the rounds this holiday season.
KnowBe4 founder and IT data security specialist Stu Sjouwerman says by staying educated, you can spot red flags and be better prepared to protect yourself from scams when buying e-gifts or e-cards.
“Phishing remains the number one tactic used by cybercriminals for a reason. As humans, we inherently trust requests coming from people and institutions that we know. This is generally exploited by cybercriminals through spoofing email addresses and phone numbers,” says Sjouwerman.
“Phishing is even more prolific during the holiday season as people tend to lower their defences. It is vital to stay alert of potential scams this time of year. Keep these tips in mind to ensure a stronger cybersecurity defence for a safe and secure holiday season.”
Here is a list of Stu’s top five cybersecurity tips for the 2023 holiday season:
*Verify before you buy. When shopping online, make sure you are dealing with reputable sellers and websites. Double-check seller reviews and ratings, and be wary of deals that seem too good to be true. If possible, use a credit card or trusted payment platform that offers buyer protection, as this can provide some recourse in case of non-payment or non-delivery scams. Avoid clicking on links in emails or social media ads, rather navigate to the sites you want to buy from manually or bookmark them.
More Coverage
*Exercise caution when clicking on links or opening email attachments, especially if they come from unfamiliar or suspicious sources. Watch out for emails (phishing), text messages (smishing), phone calls (vishing), or voicemails that try to trick you into revealing personal or financial information. Always verify the legitimacy of requests before providing any sensitive information.
*Trust your instincts and think twice. If something feels off or too good to be true, trust your instincts. Take a step back, pause, and thoroughly scrutinise the situation or offer before making any decisions. Cybercriminals rely on rushed or impulsive actions, so take your time and think twice before sharing personal information, making purchases, or investing your money. Teach yourself to be suspicious of any messages containing a “stressor” … something that tells you to act NOW! or else negative consequences will happen. Most professional messages, even if they need you to respond quickly, rarely contain “Do it now or else” language.
*Be particularly mindful of delivery note scams this time of year – those are phishing emails or texts pretending to be a delivery company requesting more information from you. When we order things online, we expect these types of messages and are more likely to click when we should not.