Don’t You Be Singing those Black Friday Buyer Beware Blues

Alongside links to Amazon, Home Depot, Staples, etc. Google’s sponsored shopping sections also show unfamiliar stores with lower prices than those of the well-known retailers. But are these really good deals?

Here are some ways to see if an inexpensive site is really going to get you what you want. None of these are absolute rules; the more information you have to make your decision about trusting an unknown website with your account or other personal information, the better sense you can get whether it’s worth making the bargain.

  1. It’s harder to get into cybersecurity trouble when staying with well-known brands and websites. That way you’ll know the origin of the merchandise you’re getting, and can feel more confident that these popular businesses are going to have overall better site security.
  2. How old is the site? Enter the domain name in https://websiteseochecker.com and check the “Age” column. The number of years and/or days may tell you something about the site’s basis for reputation.
  3. When in doubt, run a Google search for the site name, too. Red flags may be immediately apparent.
  4. Does the site have an odd-looking domain name? If a website’s address looks weird or unlikely … it’s probably good to avoid.
  5. Here’s a collection of crooked tactics Bryley engineers have witnessed over the years. Best to steer clear of:
    • A site with a wildly unexpected selection of merchandise (e.g. diapers, jet skis and industrial abrasives [Amazon excepted])
    • Contact information that does not correspond to the website
    • A customer service email that looks fake
    • Or a customer service email that looks official, but doesn’t line up with what you know to be true. As career-criminal-turned-FBI-man Frank Abagnale told Tech Republic, “people are basically honest and because they’re honest, they don’t have a deceptive mind. So, when they see an email that looks official, they assume that it is real.”1 Be wary. Best never to click email links, but go on your own to the website to conduct your transactions.
    • Are prices just a bit too low? Some scammers have become savvier in making their prices look low, but still high enough that you can imagine a scenario by which they can sell at that rate, rather than the ridiculously low prices that are clearly too good to be true. Someone may just be baiting you.
    • Online shops that ask for information like date of birth, social security number or anything other than your credit card number and billing and shipping address

Online Shopping at a Coffee Shop?

Wi-Fi has serious security limitations. And shopping sends seriously valuable data out into that Wi-Fi wild. Unsecured connections give hackers access to intercept your data and read what you’ve sent.

Set-up and use a Virtual Private Network (VPN) to create an encrypted data tunnel between you and a VPN provider. There are many consumer-oriented VPN products available, and Bryley offers a VPN solution for businesses.

Make sure the website you’re shopping at has an up-to-date SSL (Secure Sockets Layer) Certificate that verifies encryption on their end of the communication chain. But SSL encryption is no guarantee of legitimacy. SSL is important, but it can give the false impression that you’re not dealing with tricky jerks. Sometimes attackers pay for an SSL certificate or they use a free https://letsencrypt.org certificate.2 Let’s encrypt is a great initiative to get encryption in wide use, but its certificates are limited to 90-day periods — how perfect for setting up a site just for the holidays.

General Browsing Best Practices

Update your browser and operating system. One of the more frequent entry points for malware is through unpatched software. Online shoppers are most at risk due to the sensitive information involved. At a minimum make sure you have an updated browser for shopping. A new browser can protect your cache and cookies and save your bacon.

Use up-to-date antivirus software to keep you safe from known malware. Outfit each of your devices with a product that scans apps for viruses and spyware and blocks shady websites.

Online Shopping and Your Bank

When it comes to shopping, malicious hackers are most often looking for credit card data. Online shops are the best place for them to get that information. If these shops get hacked, their information — your information — falls into the hands of cybercriminals. So it’s a good practice to review your bank statement and watch for any suspect activity. If you do see something wrong, call the bank quickly. In the case of credit cards, pay the bill only once you know all the charges are accurate. You have 30 days to notify the bank of problems.3

Credit cards are safer than debit cards. Credit cards have extra legal defenses. With credit cards, you aren’t liable if you are a victim of a fraudulent transaction, so long as you report the fraud in a timely manner. Credit cards also give you leverage in disputes with a seller. Banks are much more protective of credit card accounts since it’s their money on the line, not yours.

Keep a record of your purchases. Hold on to your receipts, including warranty and return information, and destroy the receipts when you no longer need them.

Buying holiday gifts online can be enjoyable, and should be enjoyable: no mall crowds and whatever you buy’s delivered to your door. On your phone or computer you can compare prices, product features and reviews at any time. Though their nefarious techniques evolve over time, their goal is the same: bad guys are trying to divide you from your money or personal information. Being smart online will let you enjoy some peace of mind, too.

  1. https://www.techrepublic.com/article/famous-con-man-frank-abagnale-crime-is-4000-times-easier-today/
  2. https://www.computerworld.com/article/3427858/what-is-magecart-and-was-it-behind-the-ticketmaster-and-ba-hacks-.html
  3. https://www.pcmag.com