Beware of Black Friday Deals That Are Too Good To Be True

Black Friday Deals Scams Too Good to Be TrueBlack Friday is a great day for anyone looking to nab a retail bargain. And retailers want to see products fly off their physical and virtual shelves by putting out unbelievable offers. “Offers so good, you won’t believe it’s true” – some of them proudly proclaim.

Unfortunately, some of the offers are precisely that, far too good to be true. Criminals are in the mix; preying on both retailers and consumers. Criminals take advantage of the spike in online spending and use the opportunity to hide in the crowds to undertake fraud of various kinds.

Financial fraud is the one that comes to mind first, but identity theft, impersonation, and theft of items, amongst others are all common. On top of that, every year, attackers improve on their techniques to steal information, money, and goods.

Here are five tips to help protect you falling victim to crime and scams over Black Friday.

  1. Value Personal Data Over Card Data 
    While no one wants their card or payment data stolen, it’s easy to forget that criminals often target personal data of shoppers. During the holiday season, it is not uncommon to find websites conducting surveys or asking to fill out forms in exchange for some holiday cheer or a discount on a product.
    Consumers should remain vigilant of what data they are providing, to whom, and for what purpose.
  2. Check Your Statements
    Amongst a frenzy of holiday shopping, it can be easy to overlook or miss a stray transaction. It’s worthwhile spending an extra few minutes looking over all transactions and querying any that look unfamiliar, no matter how small the amount. Doing so can potentially help nip any long-term fraud in the bud.
  3. Stick to Sites you Know
    Many new websites will crop up during busy retail periods offering massive discounts; or even ones that promise free items. Some may even ask you to download their apps on your phone.
    In most cases, these sites are fraudulent and are not easy for the average person to spot. Therefore, when in doubt, chicken out. Pay the extra money and buy from a reputable website you’ve interacted with before.
  4. Stay in Bounds
    Criminals and scammers want nothing more than to take communications with your users out of bounds. The reason for this is because going out of bounds strips away any protection that the platform is offering. 
    For example, if you’re buying something on eBay, don’t accept the invitation of bidding out of the platform either via email or SMS. 

    It can be tempting to go out of bounds, after all, sometimes the platform takes a commission from each sale, and you may want to avoid that. But is saving a few pence really worth potentially losing a lot more to a fraudulent transaction?
  5. Don’t Believe all Offers
    Phishing attacks are popular all year round, but even more so during popular events. Many emails will be received during this season claiming to be exciting not-to-be-missed offers by retailers. Unfortunately, there will be many phishing emails within these enticing users to click on links to harvest personal details or install malware, such as keyloggers or ransomware.

    We’ve already seen reports of a sharp increase in phishing emails in November relating to sales and shopping special offers:

Weekly Special Offer Phishing Campaigns

Source: CheckPoint Research

As always, online it’s worth remembering the old adage that if it looks too good to be true, it probably is.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Phishing

Subscribe To Our Blog

Cybersecurity Awareness Month Resource Kit

Get the latest about social engineering

Subscribe to CyberheistNews