The run up to Christmas is a lucrative period for retailers, as people look to stock up with promotional offers that coincide with Black Friday and Cyber Monday. AUD $28.09 bn of goods were purchased in 2019. All that money changing hands now puts the scammers back on the horizon, where they target online shoppers with fraudulent emails and fake sites.
Scamwatch has received over 12,000 reports of online shopping scams so far this year (increased by 42% YoY) with almost $7m in reported losses.
How to protect yourself while still taking advantage of online deals
Never click on a suspicious link or file as the scammers impersonate legitimate retailers to trick you into installing malware or stealing credentials. Go directly to the retailer’s website to verify the deal, especially those which are too good to be true!
Look for the padlock on the website URL which appears typically to the left in the address bar. No lock is a major red flag, as attackers can steal information from insecure websites.
Never share your credentials or personal details with untrusted sources, such as mother’s maiden name, make or model of your first car. This can be later used to guess your password and steal your identity or money.
Avoid online shopping on public Wi-Fi as these can be intercepted by the attackers to monitor your transactions or worse steal your banking credentials.
Beware of unusual QR codes as cyber criminals can create malicious QR codes to redirect users to fake websites, steal personal data or to install malware on personal devices. Use QR code payments only if you fully trust the vendor. Never scan random QR codes and steer clear from QR code websites that ask for sensitive information.
Check your bank statements regularly and set-up alerts to spot scams. Use credit cards for purchases, as you can dispute fraudulent or suspicious transactions.
Enable two-factor authentication to approve payments from your bank account.
What to do if you are scammed
- Contact your bank and dispute the transaction
- Reset your banking, email account and other impacted online passwords
- Report the scam using the relevant resources:
Reporting of child cyberbullying, image-based abuse and illegal or harmful online content |
esafety.gov.au/report |
Reporting of cybercrime or identity theft |
cyber.gov.au/report |
Reporting a scam |
scamwatch.gov.au/report-a-scam |
Help with identity theft and related issues |
iDcare.org or call 1800 595 160 |
Help with financial and investment scams |
asic.gov.au/about-asic/contact-us/how-to-complain/ |
For scams and identity theft linked to myGov accounts (Centrelink, Medicare, Child Support) |
Call the Services Australia - Scams and Identity Theft Helpdesk on 1800 941 126 Or visit servicesaustralia.gov.au/scams |
Report fraud and theft to the Police Assistance Line |
Call 131 444 |
Verify or report a scam to the Australian Tax Office |
Please feel free to share these tips with your family members and friends to keep them safe on the internet.
If you have queries about this article, please contact your local RSM adviser.