If you love to shop online for gifts during holidays for your loved ones, watch out for the scammers trying to steal a great deal, too!
Finding the perfect gift during festivals is an endless scramble often requiring buyers to look into hundreds of websites and click tons of buy now buttons. And scammers know this. They know your haste, your vulnerability, and they also know you are more likely to react to promotional advertisements in your email and messages from brands you know. Fraudsters take advantage of this situation and penetrate through your personal information to trick you. This is part of how most phishing scams work.
Cyber security experts note that 32% of all data breaches involve phishing in one way or another. Typically a scammer relies on tricking individuals into disclosing personal information such as credit cards, bank details, date of birth, phone numbers, home address, social security numbers, etc.
Phishing scams come in different forms, including link manipulation, email phishing, fake websites, malware, mobile phishing (smishing), voice phishing (vishing), or information request forms.
Cyber expert Timothy Benson states that a common thread that runs through all these phishing scams includes social engineering tactics. He added that phishing scammers prey on the natural human tendency to trust brands. This leads consumers to blindly follow the links sent by scammers through emails they think are from a brand they know.
A preliminary investigation in Singapore led to arresting 35 men and four women over suspected roles in phishing scams. The group was accused of laundering S$20 million. The scam required the accused suspects to dupe innocent shoppers by making them click compromised email links in the guise of promotional advertisements. And when the shoppers were required to confirm their orders from websites, they would be asked to pay using fund transfers to various bank accounts.
Cyber-Forensics.net, a leading company in providing cyber forensic services, cautions shoppers of such phishing attacks that promise convenience and "unreasonably high discounts." Senior analyst Timothy Benson alerts consumers by saying, "verify the authenticity of the information with the official website and look for original sources. Never disclose personal or bank details and one-time passwords with such websites. They could potentially be recording your details to target you again."
Why do scams rise in the holiday seasons?
Cyber experts frequently call festive holidays a season of susceptibility because it is usually around these times; online scams depict a pivotal rise. Jacinta Tobin, Proofpoint's Global Vice president of Cloudmark operations, notes: "There has been a trend in the past few years of scams and phishing related to the holidays and holiday themes in the fourth quarter of the year. We have seen a steady rise in global scams starting in October and increasing through December.”
There is not just one but several factors behind scams surging around holiday seasons. Ben Brigida, director of Security Operations at Expel, explains, "phishing attacks increase during holidays because people are more susceptible to show desire of socializing towards their desired loved ones they care about. It's not unusual to get advertisements promising great deals around this time and have someone ask if you want to buy a gift for the family."
Cyber delinquents take advantage of such situations and may email a great deal that consumers find too good to be true and fall for it. And the situation may grow grave in the coming decade because people are becoming extensively technology reliant.
As consumers rely on clickable links received on their mobile devices to buy gifts from websites during holidays, attackers naturally target them.
But the principal threat in such cases is not only getting duped but also potentially losing your personal information.
What should consumers do to avoid phishing attacks during holidays?
In many cases, it is pretty challenging to identify a genuine brand from a fake brand online because they both follow detail-oriented tactics lucratively to scam innocent buyers. But there are a few tips that can help you stay on your toes.
Think Before you click: A natural tendency to click a link rises ten times more when you know it's from a website you keep ordering stuff from. Scammers know this. That is why they give their email links similar brand titles with minute unrecognizable details. It's OK to click links, but not before you have checked it. Look for these parameters:
- The link is from a trusted website
- Check the brand details (look for brand logo, spelling, capital letter, small letter, unique symbols)
Install Anti-phishing Toolbar: Most internet browsers can be customized with anti-phishing toolbars that can quickly check the sites you are visiting. You can compare them to a list of known phishing sites and stay alert.
Ensure Site's SSL: A genuine website will always have a URL beginning with "https," There should be a closed lock icon near the address bar. Also, check the site's security certificate. Do not open websites that do not have SSL; they may carry malicious files.
Stay informed about phishing techniques: Knowing prevalent scams making news headlines can help escape falling prey to scams. Keep your eyes on the news and media. Find out about them before it's late.
If you feel you have already replied to a scammer this holiday season, take preventive measures like reporting the matter immediately, blocking your credit card, or taking cyber forensics help. For such experts, it is easy to intercept an ongoing transfer if victims react in time and alert the concerned authorities. Such organizations are additionally capable of suggesting a fund recovery process if there is any loss of money in the scam.
About Cyber-Forensics.net
Cyber-Forensics.net is committed to providing the most accurate tracing service for victims of online scams. Cyber-Forensics.net empowers and simplifies the process of tracking down the cyber-criminals and assists in recovering the funds and creating an atmosphere for a negotiated settlement. For more information, please visit http://cyber-forensics.net.