November 22, 2017

Black Friday: Don't Get Scammed


The Biggest Shopping Weekend Brings Out the Scammers



Shop Safely and Avoid the Cyber Shopping Scams



Black Friday, Cyber Monday, and basically the whole Thanksgiving Weekend are some of the biggest shopping days on the planet.  Almost every cyberstore has some kind of special, and our Inboxes and Social Media Feeds are full of discounted offers.  And although there are many legitimate sales, there are just as many scammers looking to rip you off on this big shopping weekend.  Don't be a fool, and look out for the Black Friday Shopping Scams.  Here are a few of the more popular ways to separate honest folks from their hard earned money.

Bogus Order Confirmations

Bogus order confirmations are a form of spear phishing. Scammers send hundreds of fake order confirmations, hoping you will click through to cancel an order.  Basically, the scammer steals official looking logos and graphics from a major retailer, then uses them in an order confirmation purporting to be from that retailer.  These phishing attacks multiply on Black Friday, as many folks are placing online orders during that time.  The e-mail may spoof Best Buy, Amazon, Ebay, Target, WalMart, Costco, etc.  If you click through the fake e-mail, you will be taken to a cloned log-in site.  The scammers are hoping to steal your shopping log-ins, so they can go on a shopping spree with your money, and even lock you out of your own account.


If you receive an order confirmation for a product you do not remember ordering, NEVER click through the order e-mail itself. Instead, open a web browser and type that retailer's website address in the address bar. Log into your account and check the "orders" section. Most likely, you will NOT find the bogus order in your account at the retailer.

Of course, if you go to the retailer's site, check your account, and find an order in your history you did not place, it means your account has been hacked. In that case, immediately contact customer service. Explain there is an order in your account you did not place. Customer Service will cancel the order for you and walk you through changing your account password.  Next, contact your credit card company to put a fraud alert on your account. Explain an online order was placed by someone else using the card. Your credit card company may suggest reissuing that credit card.

Site Clones

The Bad Guys count on folks being distracted while holiday shopping, and they like to take advantage of this.  During the Holiday, thousands of clone sites go up, with the express purpose of fooling folks into thinking they have reached the real deal. Many of these sites depend on folks mistyping an address into their browser.

For example, typing ebaay.com into your browser may result in reaching a cloned site. The site looks just like the real ebay site, so you do not notice you are in the wrong place when you go to log in.  However, when you do log in, you've just given your ebay credentials to some criminal. 

Often, these sites "frame" the website they are pretending to be, so the site really operates like the real thing. It may even allow you to place a legitimate order. However, the rogue site will be recording every key stroke you make, so they can misuse your information other places.  

Due to their affiliate program, there are a lot of Amazon clones in cyberspace. These clone sites are designed to look and feel like real the real Amazon site, but will limit the products that appear in "searches" to inferior, third-party marketplace products that may be inferior or outright copies.

There are thousands of websites offering "Black Friday Deals" pages that encourage you to click through to purchase a product. Always pay attention to the URL in the link, as well as the URL on which you land.  Many of these guides lead to cloned or framed sites. Always check the URL that appears in the actual browser bar when clicking through a link.

Facebook, Instagram, and Social Media Scams

Facebook is becoming a popular place from which to shop. Many cute products come across Facebook timelines, which are then shared and reshared amongst friends.  Some of these ads are legitimate, but especially during the Holidays, many are not.

Again, anyone can open a Facebook page and begin advertising immediately.  This includes ads that lead to sketchy websites and ads for nonexistent products.  That cute t-shirt your friend shared, thinking it would be a perfect gift for Aunt Selma may never actually arrive. If it does arrive, it may look nothing like the picture. And when you try to find the seller's Facebook Page to complain, it may have vanished into thin air.

Facebook uses a "reporting system" to weed out the sham ads. What that means is a user needs to bring the scam to Facebook's attention before Facebook examines the ad. If Facebook determines the ad is bogus, they will remove the ad and may close the associated Facebook account. Of course, this takes time, and the scammer may have made thousands in bogus orders by the time Facebook closes the account.  By that time, they have already mined your personal information, and they already have your credit card information. They may have sold it or fraudulently used it by the time you realize you fell for a fake ad.

ALWAYS be extra careful when shopping through Facebook. If there is no associated web page, think twice about purchasing that product. If there IS a web page, Google it before placing an order. Run a whois to determine when the site went up, and if it is only a day or two old, avoid shopping there. Also avoid ecommerce websites that use whois masking, so you cannot see who really owns a domain name.  Honest sellers make it easy to get in touch with them, while fraudsters make it as hard as they can.

And of course, the Bad Guys use similar tactics on other Social Media sites. They will post a fraudulent product ad, and they will usually collect hundreds of dollars before disappearing into the night. And of course, when the product never comes, and you go back to try to reach out to the seller through the same Social Media Account you purchased the item, that account has disappeared.

Spam E-Mails

Ripping people off via spam e-mail is one of the oldest scams on the Internet.  Sometimes, the criminals send out e-mails pretending to be someone else. Other times, they don't even pretend to be a legitimate e-commerce site, but rather, send the e-mail in a friend's name, or even just use their own.  Most times, these e-mails offer products at a ridiculously low price to entice you to click through.

The rule to NEVER purchase ANYTHING from a spam e-mail applies even more on Black Friday Weekend.  When you click through the e-mail, you'll probably be taken to a sham site AND get some nice malware as a bonus.  

The same rules for spam apply during the Holidays: do not click through or unsubscribe. Just junk file the spam, then delete it.

Are All Black Friday Sales Just a Scam?

There are many legitimate sales during Black Friday Weekend and Cyber Monday. Retailers all take advantage of the fact this is the biggest shopping weekend of the year.  There are a slew of legitimate sales. However, there are just as many scams as there are bargains.  And the scammers take advantage of all those people looking for bargains, casting their nets and hoping to reel in a couple of big suckers.


Black Friday is a time to stick with retailers you have used before and with the "Big Guys." It is a time one needs to be extra vigilant about confirming the sender of an e-mail is who s/he purports to be. It is a time to start shopping by going to a retailer's site directly, or by only clicking through from places you trust.  And although there are many good deals to be had, especially on Black Friday, if it's too good to be true, it probably is a scam.  

Do you shop on Black Friday and Cyber Monday? What do you do to ensure you are not getting ripped off? Let us know in the comments.

We'd like to wish all of our readers a Happy Thanksgiving and a Happy Holiday Season.  Here at Techlaurels, we WILL spend much of this weekend shopping online.  However, we're going to depend on the communications that come directly from our favorite vendors to identify deals, and we're going to take extra care when clicking through from ANY e-mail, and especially those that advertise Amazon Sales.

No comments:

Post a Comment

Thank you for contributing to the discussion! Your feedback is valued! (Unless you are a sunglasses or work at home spammer, in which case, your comment will be promptly deleted. :D) The Mods are reviewing it, to keep those types away! ;)