In the age of online shopping, the pursuit of the best deals during the festive season is increasingly common. However, as consumers flock to the virtual marketplace, cybercriminals seize the opportunity to exploit vulnerabilities, leading to a surge in scams. The West Midlands Cyber Resilience Centre (WMCRC), CDS Defence & Security offers crucial guidance to Bira members on safeguarding against festive cyber scams.
The cost of scams
Barclays conducted a study revealing a 22% surge in scams during the festive season, with an alarming £10 million lost to cybercriminals last year. Shockingly, 91% of the British public fails to verify the registration status of unknown companies on Companies House. The 25-34 age group remains the most vulnerable, facing an average loss of £970 per victim during the Black Friday and Cyber Monday period.
Scams to beware of
1. Fake Order Scams:
During the festive season, cybercriminals exploit the chaos of online gift shopping by sending fake order confirmations or requests for information. These seemingly legitimate communications may contain malware or phishing links to steal personal information.
2. Fake Tracking Numbers:
Scammers send fake tracking notifications, often as attachments, leading users to dodgy websites that compromise devices for identity and data theft.
3. Phony Websites:
Fraudsters create fraudulent websites mirroring legitimate ones, enticing users to shop for non-existent goods. ‘Hot Deals’ sections may further deceive users into paying for products they will never receive.
4. Fake Social Media Advertisements:
Attackers create mock versions of legitimate promotions on social media platforms, containing malicious software or links that execute malicious code upon clicking.
5. Fake Charities:
Malicious actors set up fake charities, taking advantage of the surge in charitable donations during the festive period. High-pressure tactics are employed to extract as many donations as possible.
6. False Discounts:
Scammers lure victims with advertisements offering appealing discounts, leading users to fraudulent websites for the theft of personal and financial information.
7. Gift Cards:
Attackers send texts and emails with hidden links that, when clicked, install malware on devices for the theft of personal information.
Staying protected
1. Research and Verify:
Research products and suppliers before making purchases, especially if the deal seems too good to be true. Verify the authenticity of sellers, especially when dealing with in-demand items.
2. Be Cautious:
Exercise caution with big discounts. Cross-reference information, check for contact details, and be wary of organisations with insufficient information. Verify gift cards with the sender before clicking on any links.
3. Look out for Phishing/Smishing:
Identify potential phishing emails by checking the sender's email domain, looking for misspellings, poor writing, and messages that create a sense of urgency. For SMishing, be cautious of messages from unverified sources, assess the tone, and question messages demanding quick responses.
As Bira members, staying vigilant and informed is essential in protecting yourselves, your families, and your businesses from festive cyber scams. Report any suspicious activity to the National Cyber Security Centre (NCSC), ActionFraud, or Citizens Advice to contribute to the collective effort against fraud and cybercrime.
You can find more guidance and information on protecting yourself and your business from cyber crime in your Cyber Security Hub