قالب وردپرس درنا توس
Home / Tips and Tricks / 4 Black Friday scam to avoid in 2019: phishing, pyramid schemes and more

4 Black Friday scam to avoid in 2019: phishing, pyramid schemes and more


The key to staying protected is to stay alert. James Martin / CNET

This story is part of Holiday Survival Guide 2019 with tips on the best ways to manage the holiday season.

Today, Thanksgiving, enjoy enjoying family, friends and food (or at least manage them – here is our survival guide for everything under the sun of Thanksgiving . Black Friday is about shopping tomorrow. But while looking at the best Black Friday deals you can score scammers look for ways to steal your money, or worse, your identity.

Consumers spend an estimated $ 29 billion online Thanks to all that money, cyber criminals will be busier than ever to use malware to target you and the online retailers you trust in. Some hackers, such as those who hit Macy last month, attack vendor websites However, many more scams are designed to lure you away from legitimate sellers and lead you to malicious sites or apps that are often known retailers such as Amazon, Best Buy or W almart cheat.

Research from, for example, RiskIQ, a security company, said it has nearly 1,000 malicious apps with vacation-related terms and more than 6,000 apps with names and slogans from popular retailers to bring in unsuspecting victims. RiskIQ also said it has found 65 malicious websites that act as popular retailers in an effort to fool you into providing your personal information.

As always, your best armor against these schedules, scams, fraud and drawbacks is the knowledge you need to sniff them out. Here is everything you need to know about (not being) duped during these holidays.

  facebook-logo-money-1 "data-original =" https://cnet2.cbsistatic.com/img/7c2Fk-x5FtCvxb123qugSBQpMus=/2019 / 07/30 / e0ea26b3-9f87-448c-8ff4-30b7fa6e1f92 / facebook -logo-money-1.jpg cialis19659010Buchfacebook-logo-money-1 cialis19659011 23: The "Secret Sister" exchange of gifts that originated on Facebook in 2015 is little more than a pyramid scheme. Angela Lang / CNET
<h2>  False websites and fraudulent apps are going & # 39; phishing & # 39; <br /></h2>
<p>  In a phishing scheme, the victim receives an email or text message requesting payment information or other personal information to be entered on a fraudulent website, which is often designed to look only like a legitimate site. </p>
<figure class=  mcaffee stats "height =" 0 "width =" 370 "data-original =" https://cnet4.cbsistatic.com/img/4jGZekjMlttbUwWMEcKRTDIGZbM=/370x0/2019/11/23/1f4adb77-070c-419b -9270-af2e00a6767f / mcaffee-stats.jpg

According to cyber security company McAfee, more than a third of all Americans have been victims of phishing years.


A recent survey by cyber security company McAfee reports that 41% of Americans fell victim to email phishing schemes in 2019. It is not surprising that a similar number – 39% – reported sending email senders or websites from do not check retailers for authenticity.

To top it all off, 30% of respondents reported losses of $ 500 or more in the past year alone.

If the RiskIQ data is any indication, expect an increase in messages that claim to have come from Amazon, Best Buy, Walmart, Target or other major retailers in the coming months. If you receive an email asking you to update your payment method or request other personal information, contact the company's help desk to verify that the email is legitimate before doing anything else.

Other ways to identify a phishing email, according to the Federal Trade Commission and StaySafeOnline.org, include:

  • The sender's email address looks almost looks good, but contains extra characters or spelling errors.
  • Wrong spelling and / or bad grammar in the subject line or somewhere in the message.
  • Address with generic terms ("Mr." or "Madam" or "Dear Customer") instead of by name.
  • The message warns you to take immediate action and asks you to click on a link and enter personal information, in particular payment information.
  • The messages promise a refund, coupons or other freebies.

  mobile-payments-visa-paywave-chip-security-credit-cards-4885.jpg "data-original =" https://cnet1.cbsistatic.com/img/wVu33UV3Jw8_ZY87AzLmUw9zfCg=/2015/09/23/08c1c2e2 -5d5b-48dc-8b4f-6deff9d48c9e / mobile-payments-visa-payWave-chip-security-credit-cards-4885.jpg [19659029] mobile payments-visa-payWave-chip-security-credit-cards-4885. jpg

Credit card skimming used to require physical hardware, but now hackers insert malicious code directly on retailers 'websites to steal customers' credit card information. James Martin / CNET

Credit card skimming goes completely digital

Credit card skimmers who steal your personal data when you swipe a credit or debit card at the ATM gas pump, or other payment kiosk have existed for more than ten years, but October attack Macy & # 39; s is an example of the same technology that is used digitally.

In essence, instead of using physical hardware to steal payment card numbers, hackers placed malicious code directly on Macy's website to do the same with online payment information.

Regarding online skimming of credit cards, Tim Mackey, the main security strategist for Synopsis, warns a digital security company: "There is no obvious way for the average person to identify if and when a website is compromised. The only potential signal may be that the website itself does not look quite right. "http://www.cnet.com/"

Mackey suggests some strategies that consumers can use to protect themselves: [19659023] Do not store your credit card details on store sites

  • If possible, use an external payment method such as Apple Pay, Google Wallet or PayPal.
  • Enable purchase notifications on all your credit cards.
  • Disable international purchases on all credit cards.
  • Only make purchases through your home or mobile network, never via public WiFi where your payment can be intercepted.
  • Avoid the & # 39; Secret Sister & # 39; gift exchange ing – it's a pyramid scheme

    Coming to Facebook somewhere around 2015, this gift exchange between strangers on the internet responds to the popular workplace practice of "Secret Santa", a game where each person presents a gift for another, random selected person purchases without anyone sharing his fifteen. Instead, it is a pyramid scheme dressed in holiday clothing, according to the Better Business Bureau. The "Secret Sister" exchange invitation promises that you will receive approximately $ 360 in gifts after buying and sending a $ 10 gift for someone else.

    Unfortunately, such bad mathematics has not prevented this scam from reappearing year after year. You will probably not only earn $ 10 if you do not receive any gifts, but the program also involves passing on personal information (names, e-mail addresses, telephone numbers) to people you have never met in person.

    The Better Business Bureau recommends handling any request to become a secret sister by ignoring it – do not give your personal information to strangers online. You can also report the invitation on Facebook or on whatever social network you have been approached.

      screen-shot-2019-11-22-at-10-42-48-pm.png "data-original =" https://cnet2.cbsistatic.com/img/zuvmPWhmNYieqh1lxMT3AUKoIso=/2019/11/23 /73784e87-287b-497c-9e74-56346abe6ebc/screen-shot-2019-11-22-at-10-42-48-pm.png [19659047] screen-shot-2019-11-22-at-10-42 -48-pm.png

    The office of the public prosecutor in Los Angeles County has a video with a warning for residents of so-called & # 39; juice-jacking & # 39; malware on publicly placed USB charging stations despite the fact that such cases do not appear in the books.

    Screenshot by Dale Smith / CNET

    & # 39; Juice Jacking & # 39; fears can be exaggerated

    The office of the public prosecutor in Los Angeles County published a blog post earlier this month advising citizens not to use USB charging ports in public places such as airports and shopping malls, warning hackers could install "juice-jacking" "software that downloads malicious code on connected phones and tablets and gives thieves access to your personal information.

    Although that is theoretically possible, as the urban-myth-busting website Snopes.com states in a recent post, the chance that this actually happens to you is incredibly small.

    When TechCrunch contacted the LA County DA to ask how widespread the problem is, the Chief Public Prosecutor could not find real cases of & # 39; juice-jacking & # 39; confirm in the books. One reason could be that most smartphones and tablets that are currently in use now have software to prevent exactly these types of attacks – therefore your phone asks if you trust the connection when you connect it to a laptop or desktop to work on load.

    As long as shopping still exists, scammers and thieves will try to oust you. In the meantime, the best thing you can do is to stay ahead of their deception and protect yourself with knowledge. View our Holiday Survival Guide for more strategies to endure this fun but stressful season. We've gathered the best tips and tricks for de-stressing after marathon shopping sessions, how you can use your smart assistant to manage vacation gatherings, whether you're using Google Home or Amazon & Alexa, and how to eat healthy without dessert to skip.

    Originally published earlier this month.

    Source link