As the festive season fast approaches, cyber security experts are urging bargain hunters to be wary of scams when shopping online.
Australians have reported losing more than $14.8m through online shopping scams this year, according to Scamwatch.
With Black Friday and Cyber Monday around the corner, cyber experts are concerned those losses could become much higher.
“Cyber criminals and scammers are always adjusting their techniques to take advantage of current affairs,” explained Microsoft ANZ’s national security officer, Mark Anderson.
“They also align their scams to holiday periods and associated sales like Black Friday and Cyber Monday.”
While new laws introduced by the Australian Communication and Media Authority have blocked more than 48 million text scams since July, the security expert warned the festive season could breed new scams.
“Scammers know we are all looking for those really good deals – especially when, for a lot of Australians, times are economically tough – and they’ll use that knowledge to try to trick us out of our money or data,” Mr Anderson said.
The ACMA found the most popular scam in the past three months was the Amazon impersonation scam, in which criminals posed as Amazon employees to collect sensitive data from victims.
Mr Anderson warned the scam could become very successful during the festive shopping season.
Other successful online shopping scams involve scammers posing as legitimate retailers through fake ads or fake websites.
Microsoft’s national security officer shared his advice on how shoppers can protect themselves online while snagging a bargain.
Don’t click on links in emails
Never click on a link you weren’t expecting in an email or text message, Mr Anderson cautions. The links can be used to direct shoppers to fake websites which look legitimate.
“They will use these false sites to steal your money or passwords,” he said.
Instead of clicking on a link, go directly to the sender’s official website to search for relevant information.
Do set up multi-factor identification
When possible, the security expert encourages setting up a two-factor or multi-factor identification system which will protect your personal information.
“It simply means you not only have to know your username and password, but can also receive a code in an SMS or log onto an app to prove that it’s really you,” he said.
“Microsoft has found that this stops 98% of password-based attacks in their tracks.”
Don’t use the same password
Using the same passwords for all of your accounts makes it much easier for scammers to access all of your information in one place.
Instead, Mr Anderson suggests buying a password manager, which allows you to securely store usernames and passwords to your different accounts.
Do keep your tech up to date
Updating your phone, laptop and tablet will authorise the latest security fixes to make it harder for scammers to steal your sensitive information.
“The sooner you can update your device, the sooner you are protected,” Mr Anderson said.
Don’t ignore red flags
The security expert urges shoppers to be aware of potential security breaches.
“Whenever you receive a text or email, read it carefully to ensure it is legitimate – if it sounds too good to be true, it likely is,” he said.
Mr Anderson said the same rule applies to tempting bargains online, which could cost you more in the long run. He suggests researching the seller before making any purchases, particularly if the product is much cheaper than on other websites.
Scamwatch recommends checking the reviews of a website before buying anything online.
Do use secure payment methods
Scamwatch warns shoppers to always use secure payment methods like credit cards or PayPal when buying online.
Scammers will often ask victims to pay with a preloaded money card, money order, or wire transfer to avoid detection and make it harder for the victim to recover their stolen money.