The holiday season can also be the silly season for scammers. Consumers must take extra measures – such as using virtual bank cards – to make it more difficult for scammers to steal your details and your money.
In addition, Black Friday sales have become so popular in South Africa that many retailers have extended their sales to the entire month, which is now known as Black November.
Last year, South African shoppers went all out, spending billions of rands during Black November. But while we are all busy grabbing those amazing deals, cybercriminals are lurking in the shadows, ready to pounce on unsuspecting shoppers.
“Consumers must be extra vigilant about where they buy and how they pay for their purchases in the rush to buy bargains,” warns Doros Hadjizenonos, regional director for Southern Africa at Fortinet.
Cybercriminals can take advantage of unwary shoppers by stealing their personal information for identity fraud, stealing their passwords to online accounts, imitating legitimate shopping sites to steal money, or they could even divert payments that shoppers make at legitimate vendors, says Hadjizenonos.
Online retailers go to great lengths to make sure that payments are protected by using secure payment gateways. These gateways handle the payment process on behalf of the retailer, ensuring that the retailer never has access to the customer’s card details or CVV number.
ALSO READ: Do South Africans open the door for scammers?
To provide an extra layer of security, trusted payment partners diligently monitor transactions for any signs of potential fraud. Most of the time merchants will redirect onIine transactions to the customer’s bank app for manual authorisation, adding another level of protection.
“If you want to ensure that a website is trustworthy, look for a padlock icon and a URL that starts with ‘https’. These are indicators that the website is using a secure payment gateway and taking your security seriously,” says Hadjizenonos.
Using a virtual card can also make your online purchases more secure. “Nowadays, many banks provide virtual cards that automatically change the three-digit CVV regularly. These virtual cards offer greater security compared to physical cards. If a virtual card gets compromised, it is relatively easy to get a new one.”
Consumers should also subscribe to their banking app’s push notifications to be alerted to every transaction, no matter how small.
Although there were initial fears regarding the risks associated with contactless payments in-store, the majority of these payments are secure. Nevertheless, malware could potentially target a Point-of-Sale system, functioning like a digital card skimmer. “Just like with online payment systems, retailers have the responsibility to ensure that they adequately protect and secure all in-store payment systems.”
While payment gateways secure online transactions, phishing remains a major risk in online shopping, Hadjizenonos says. “Fraudsters impersonate legitimate brands to deceive consumers. They send emails, instant messages, or other communications containing malware, links to fake websites, or requests for sensitive information.
ALSO READ: SA’s scammers had a very lucrative Black Friday
“These attackers may take advantage of events like Black November and Christmas by offering deals that seem too good to be true, creating a sense of urgency to trick victims into clicking through.”
Rogue mobile apps can also carry out phishing attacks. These malicious apps can mine your device for data or even install ransomware.
Hadjizenonos says phishing is not the only danger in online shopping. Some criminals deceive innocent shoppers by getting them to click on an advertisement that redirects them to a fake version of a legitimate website.
“It is best to stick to websites that you are familiar with and trust. If you have any doubts, check the site carefully. Verify that the domain name matches the store you intended to visit, check social media reviews around the retailer, or you could even use a verification site like ScamAdviser,” he says.
“Another thing to watch out for is man-in-the-middle attacks, where sneaky individuals take control of wireless or proxy servers to manipulate your online activities, intercept transactions, or trick you in some way,” warns Hadjizenonos.
“To stay safe, it is best to avoid using public wi-fi networks for any financial transactions. Stick to secure networks like the ones at home or your office. Do not forget to secure your home router with a strong password to keep it protected. And of course, keep your phone and laptop updated, patched, and properly secured to shield yourself from these kinds of attacks.”
Download our app and read this and other great stories on the move. Available for Android and iOS.