‘Tis the season for shopping, and in the ramp up for the holidays, it’s best to be on alert, because not every store is as real as it seems.
Even though you can find pretty much anything on the internet, not everything is as real as it may seem. Take how it works for shopping, because while you might think a casual search online could net you that perfect gift at an easy to use online store, it’s also possible that you could find yourself at a hoax, ready to hand over money to a company that has no intention of sending you the product, and merely just taking your cash.
Scamming is, of course, big money and a lucrative business, and it’s entirely possible to fall into a phishing scam if you’re not careful. While some phishing scams are built around the idea of taking your bank details, it seems cybercriminals are using the idea of tricking you into spending money on items as a way to get that money out of your hands and into theirs.
And sadly, the lengths they’ll go to are about as extensive as they are in the phishing world for banking scams. In fact, it might just have you running for the nearest brick and mortar store. But don’t fret, because even though fake retailers are fairly rampant, there are ways you can be aware of what’s going on, and not get fooled.
So what is a fake retailer, and how can it ensnare you?
What is fake retailer?
According to Sophos’ Global Solutions Engineer, Aaron Bugal, a fake retailer is exactly what it sounds like: a retailer meant to look real, yet isn’t.
“Fake retailers will often ‘sell’ brand name products at discounted prices, leading shoppers to believe they’re getting a bargain,” Bugal told Pickr. “They’ll also design their webpages to look extremely believable, giving unsuspecting shoppers no reason to question the legitimacy of their transactions online.”
Giving the appearance that you’re at a real shopfront is a ruse to get you to spend money, as are the terms they may use. You can more or less expect phrases such as “limited stock” or “discounted stock” to dot the sites, all in an effort to help you spend money at websites designed to look legitimate.
Except they’re not. Fake retailers are just scam sites set up with fictional stock, and if you spend money, you could get a different product delivered, or you could get nothing. Your details will be in the system, though, and scammers could end up looking for ways to convince you to spend money in other ways, changing name and setting up shop in other ways.
How fake retailers find you?
It’s not difficult to create a website, and building a fake retailer isn’t necessarily complicated, but getting it out there, that’s more of an issue.
Getting ranked in Google takes time, and that’s something criminals don’t have. Time is against them when it comes to racking up sales and avoiding getting caught, so they tend to turn to a medium where people invariably don’t think long and hard about the click: email.
Seeing emails out of the blue from random companies is more or less normal for everyone, and so if you get an email advertising discounts on products that are selling quickly, you might be inclined to believe it a little more than a typical bank or ATO scam. Sadly, that’s exactly what the scammer is hopeful for, with email phishing attempts one of the more logical ways for a fake retailer to make you think their emailed marketing is, in fact, real.
It might not even be your email, with social feeds affected too. Bugal told Pickr that you need to think about the places being advertised to you, whether it’s on email or social, because there may not be a way to guarantee legitimacy upon first glance.
However, if you find yourself clicking, it’s a good idea to apply the learnings typically used on scam sites to a fake retailer, checking the website address and the language of the website.
“Cybercriminals will often create URLs that look very similar to legitimate website,” said Bugal. “They’re betting that in the frenzy of sale season or Christmas, shoppers will pay less attention to URLs and click through to their fraudulent websites.”
It means if you find yourself at Amazon, check to make sure it reads correctly, instead of say
amazone.com. If you’re checking out JB HiFi, make sure it actually looks like JB’s link, as opposed to something clearly fake, such as
lbhifi.com.au. The language of the website is also important, with errors often found on scam sites.
“Be diligent when choosing a new retailer and consider if the deal is ‘too good to be true’,” Bugal told Pickr. “If they’re brand new but have a long history of happy customers and/or they have bad reviews on service during their short time, be very cautious.”