Always on the prowl, cybercriminals are gearing up to take advantage of this surge in digital activity. They know very well how to create attractive lures that are dangerous for the less experienced and can deceive the most seasoned buyers.
Black Friday and Cyber Monday are the starting signal for Christmas shopping. This year, inflation is very much on the minds of consumers, who are looking for offers and discounts more than ever. For that reason and to avoid crowds, many will resort to electronic commerce.
But beware! Always on the prowl, cybercriminals are gearing up to take advantage of this surge in digital activity. They know very well how to create attractive lures that are dangerous for the less experienced and can deceive the most seasoned buyers.
Fortinet, a leading company in the world of cybersecurity, wants to alert consumers to the tactics used by cybercriminals so they can avoid them:
Gift Cards: A Opportunity For Cybercriminals and scammers.
Once the money is taken from you, it is practically impossible to get it back. They use different tactics, from an email asking for financial help for a family member or friend and accepting gift cards as a method of payment to manipulating the gift cards used by stores, scratching the protection layer to copy the PIN and using software to identify when it is activated to withdraw funds. And, of course, by stealing the user’s credentials on an e-commerce platform, with which they will buy gift cards for a significant amount. They use those cards quickly to avoid being tracked.
Video conferences Can Hide An Unwanted Guest.
Video conferencing platforms have become phishing tools since the pandemic began. Cybercriminals send emails inviting people to have personal or professional video conferences. They include a link to download video call software and load a Trojan, a program that gives fraudsters access to sensitive user information and data sold on the black market. Or they redirect you to a platform simulating entering a videoconference program and stealing your access data, which they later join the company’s servers.
The Mobile Phone: An Excellent Gateway For Cybercriminals.
Mobile is a handy tool, but very dangerous. Cybercriminals use text messages (SMS) and even voice calls. With the former, they can include fraudulent links to steal personal data, and with the latter, they request it directly, using it as an excuse that they need it to complete an order the user has recently placed. They also take advantage of the fear of cyber threats to ask for sensitive information that they use maliciously. They often send messages like this: “URGENT: Your bank account has been blocked due to suspicious activity. Call us immediately to restore access.”
Beware of QR Codes!
One method that is beginning to be seen is using QR codes. Fraudsters use this tool in various ways: adding it to popular products or creating banners or marketing materials they leave in physical stores. The victim sees a product she likes and a sign next to it that tells her that she can get the product faster or at a discount if she scans the QR code and doesn’t think twice! In reality, that code leads you to a website set up for some scam or encourages you to download malware.
Tips To Avoid Them
Avoiding these problems is easy. You have to be attentive and pay attention to details. Fortinet experts have developed some simple tips:
- Take care of password management: establish strong passwords for each online account, making sure not to repeat the same one on two platforms and use a password management application to keep track of the different versions.
- Regularly update login credentials.
- When we purchase a gift card, visually inspect it for signs of tampering before loading the funds. It is widespread for cybercriminals to replace the protective layer with a sticker.
- Making payments by credit card: These are the best payment methods because most protect against fraud. As for transaction applications between individuals, such as Bizum, they should only be used when transactions are made between people we know and trust.
- Check the sender’s address before clicking on links sent by email or downloading attachments, even if they appear to be from a trusted source. In most cases, phishing emails are sent from addresses that do not contain the legitimate web address of the alleged sender’s organization.
- Please do not provide any personal data over the phone without first checking with the company that is supposedly requesting it. And ignore the telephone number that the alleged scammers can give us, but search the Internet or any other presumably reliable source for the number to verify it.
- It is important to remember that banks and official bodies rarely contact customers or citizens this way, especially to request information. It is better to get the bank to ask about the message received.