[Scam Of The Week]: Black Friday & Cyber Monday Top 10 Fraud Alert Tips



Security_scams-1175843895

We have been warning against these types of scams for years and the bad guys are at it again. Black Friday attracts crowds, crowds attract scammers, and that means you need to take extra care when shopping online over the Black Friday and Cyber Monday weekend. 

About 75% of Americans plan to do at least half of their holiday shopping online this year, shows a new TransUnion 2019 Holiday Retail Fraud Survey. Yes, online shopping skips the crowds at the mall, but you need to navigate an increasingly dangerous cybersecurity minefield. 

I suggest you send this reminder to your users. Feel free to edit, copy/paste: 

"It's Holiday Season for the bad guys too! But not the way you might think. They go into scam-overdrive mode. Black Friday and Cyber Monday are the busiest on-line shopping days and the bad guys are planning to get rich with your money. So, here are the Top 10 Fraud Alert Tips

  1. Never click on links in emails. If you want to shop at a site, enter that site address in your browser. There are thousands of fake sites that look almost identical to the real thing. Don't fall for evil-twin shopping sites.
  2. Don't open attachments with special offers. It's a classic scam. The offer should be in the email and you should be able to see it right away. 
  3. Watch for malicious ads and popups. Do not click on ads that sound too good to be true, and ignore popups that might propose the "best deal ever". 
  4. Beware of e-skimmers. This is a new one. Do you know that bad guys sometimes skim your credit card at gas stations or ATMs? Well, there is a new flavor of that, the shopping website you order from might be infected with a "e-skimmer" and they steal your card data when you check out. You can prevent that by using PayPal or Amazon. 
  5. Use a credit card to buy stuff online if possible. NEVER use a debit card to make online purchases but use that debit card to take out cash only.  
  6. Do not shop over a public Wi-Fi. You simply do not know if it's secure and who is listening. Only shop using a secure, trusted network. If you have no other way to shop, use a VPN which encrypts your traffic.
  7. Be very careful when you see a free offer during the holidays. There is an explosion of all kinds of survey fraud and gift card scams. 
  8. Do not re-use any of your passwords. Instead, use a password manager to create hard-to-break passwords. Re-using any password is literally an invitation to get hacked. 
  9. Keep a close eye on your credit card and bank accounts. During this season, unexpected and strange charges might appear which could very well be the first sign your card or even your whole identity has been stolen. If you think you might have been scammed, stay calm and call your credit card company, nix that card and get a new one.
  10. Be especially suspicious of gift card scams. They can be a perfect holiday gift, but gift card scams are skyrocketing. Only buy gift cards from trusted sources.

So, especially this time of year, do not let the bad guys exploit your holiday spirit and use it against you. Remember to stay alert when you shop online! Think Before You Click!

Let's stay safe out there.

Warm regards,
Stu Sjouwerman
Founder and CEO,
KnowBe4, Inc

NewStu-6


Discover dangerous look-alike domains that could be used against you!

Our Domain Doppelgänger tool makes it easy for you to identify your potential “evil domain twins” and combines the search, discovery, reporting, and risk indicators, so you can take action now.

DomainDoppelgangerResultsBetter yet, with these results you can now generate an online assessment test to see what your users are able to recognize as “safe” domains for your organization. You then receive a summary of the test results to understand how security-aware your users are when it comes to identifying potentially fraudulent or phishy domains.

With Domain Doppelgänger, you can:

  • Search for existing and potential look-alike domains
  • Get a report with aggregated results that includes risk indicators, and
  • Generate an online “domain safety” quiz based on the results to administer to your end users

This is a complimentary tool and will take only a few minutes.

Domain Doppelgänger helps you find the threat before it is used against you.

Find your look-alike domains here:

Find Your Look-Alike Domains!

Don't like to click on redirected buttons? Copy & paste this link into your browser:

https://www.knowbe4.com/domain-doppelganger

Subscribe To Our Blog


Traditional Security Webinar Kevin Mitnick




Get the latest about social engineering

Subscribe to CyberheistNews