With the holiday season upon us, millions of consumers are gearing up for Black Friday and Cyber Monday, the busiest shopping periods of the year. However, this festive period is also the most vulnerable when it comes to online fraud. Cybercriminals are taking full advantage of this heightened activity by using stolen personal data to launch targeted scams. According to the Cybersecurity and Infrastructure Security Agency (CISA), reports of online shopping scams spike during this time, as scammers exploit the rush, distraction, and excitement of holiday deals to increase their chances of success.
One of the most common tactics employed by scammers is the creation of fake online stores that mimic well-known brands. These fraudulent websites often have very similar URLs and use copied images, logos, and discount banners to deceive shoppers. For instance, fake IKEA sites like ‘ikeaa-sale.com’ and ‘ikea-blackfriday.shop’ have been known to mimic the official IKEA site, luring customers with deep discounts and then stealing their credit card information. Once the purchase is made, the customer never receives the product, and the information is then used for further fraud.
Phishing emails and texts are also a major concern during the holiday season. Scammers often send out emails that appear to come from reputable retailers like Amazon, using urgent tones and malicious links. These emails typically claim there is an issue with the order or delivery, prompting the victim to click on the link, which can lead to malware infections or the theft of personal information. The article notes that while these phishing attempts can be sophisticated, there are clear signs to identify them, such as discrepancies in the sender’s email address or the presence of unusual URLs.
Moreover, the article highlights the role of data brokers in enabling these scams. Data brokers collect and sell personal information, which is then used by scammers to craft highly personalized attacks. For example, some of the most popular shopping apps, such as Temu, are known to sell location data to third parties, leading to increased instances of fake delivery texts. These texts often contain phishing links that can install malware or steal personal information, underscoring the need for users to verify the authenticity of such communications by cross-checking with the store’s official website.
In response to these threats, the article advises consumers to take proactive measures to protect their data. This includes removing personal information from data broker databases, using strong and unique passwords, and enabling two-factor authentication for all online accounts. Additionally, consumers are encouraged to avoid using public Wi-Fi when making online purchases, as this can expose sensitive information to cybercriminals. By adopting these measures, individuals can significantly reduce the risk of falling victim to holiday shopping scams and ensure a safer online shopping experience.