قالب وردپرس درنا توس
Home / Tips and Tricks / Don't be fooled on Black Friday: 4 scams to prevent this Thanksgiving weekend

Don't be fooled on Black Friday: 4 scams to prevent this Thanksgiving weekend


Within the Moscone Center in San Francisco, Symantec shows a map with cyber attacks.

James Martin / CNET

This story is part of Holiday Survival Guide 2019 with tips on the best ways to manage the holiday season.

This year's Black Friday is expected to break all previous records, with consumers spending an estimated $ 29 billion online during the Thanksgiving weekend. All that money means that cyber criminals will be busier than ever to use malware to target both you and the online retailers that you trust. Some hackers, such as those who hit Macy last month, directly attack vendors' websites. Much more scams, however, are designed to lure you away from legitimate sellers and lead you to malicious sites or apps that often cheat on well-known retailers such as Amazon, Best Buy or Walmart.

For example, research from RiskIQ, a security company, said it identified nearly 1,000 malicious apps with vacation-related terms, and more than 6,000 apps with names and slogans from popular retailers to bring in unsuspecting victims. RiskIQ also said it has found 65 malicious websites that act as popular retailers in an effort to fool you into providing your personal information.

As always, your best armor against these schemes, scams, frauds and disadvantages is the knowledge you need to sniff them out. Here is everything you need to know about (not being) duped during these holidays.

  facebook-logo-money-1 "data-original =" https://cnet2.cbsistatic.com/img/7c2Fk-x5FtCvxb123qugSBQpMus=/2019 / 07/30 / e0ea26b3-9f87-448c-8ff4-30b7fa6e1f92 / facebook -logo-money-1.jpg cialis19659009 {facebook-logo-money-1 cialis19659010Buch The "Secret Sister" gift exchange that originated on Facebook in 2015 is little more than a pyramid scheme. Angela Lang / CNET
<h2>  Avoid the & # 39; Secret Sister & # 39; gift exchange – it's a pyramid system </h2>
<p>  Originally around 2015, this gift exchange between internet strangers plays the popular workplace practice of & # 39; Secret Santa & # 39 ;, a game where every person buys a gift for another, randomly selected person without someone shares his fifteen. Instead, it is a pyramid scheme dressed in holiday clothing, according to the Better Business Bureau. The "Secret Sister" exchange invitation promises that you will receive approximately $ 360 in gifts after purchasing and sending a $ 10 gift to someone else. </p>
<p>  Unfortunately, such poor mathematics has not prevented this scam from reappearing year after year. You will probably not only receive $ 10 dollars if you do not receive gifts, but the program also means that you pass on personal information (names, e-mail addresses, telephone numbers) to people you have never met in person. </p><div><script async src=

The Better Business Bureau recommends handling any request to become a secret sister by ignoring it – do not give your personal information to strangers online. You can also report the invitation on Facebook or on whatever social network you have been approached.

False websites and fraudulent apps are going & # 39; phishing & # 39;

In a phishing scheme, the victim receives an email or text message asking him to enter the payment information or other personal data on a fraudulent website, which is often designed to look like a legitimate site.

  mcaffee stats "height =" 0 "width =" 370 "data-original =" https://cnet4.cbsistatic.com/img/4jGZekjMlttbUwWMEcKRTDIGZbM=/370x0/2019/11/23/1f4adb77-070c-419b -9270-af2e00a6767f / mcaffee-stats.jpg

According to cyber security company McAfee, more than a third of all Americans have been victims of phishing years.


A recent survey by cyber security company McAfee reports that 41% of Americans fell victim to e-mail phishing schemes in 2019. It is not surprising that a similar number – 39% – reported e-mail do not check mail senders or merchant websites for authenticity.

To top it off, 30% of respondents in the past year alone report losses of $ 500 or higher.

If the data from RiskIQ is any indication, expect an increase in messages that claim to be from Amazon, Best Buy, Walmart, Target or other major retailers in the coming months. If you receive an email asking you to update your payment method or request other personal information, contact the company's help desk to verify that the email is legitimate before doing anything else.

Other ways to identify a phishing email, according to the Federal Trade Commission and StaySafeOnline.org, include:

  • The sender's email address looks good almost but contains extra characters or spelling errors.
  • Spelling errors and / or bad grammar in the subject line or elsewhere in the message.
  • Address with generic terms ("Mr." or "Madam" or "Dear Customer") instead of by name.
  • The message warns you to take immediate action and asks you to click a link and enter personal information, in particular payment information.
  • The messages promise a refund, discount coupons or other freebies.

Credit card skimming goes completely digital

Credit card skimmers who steal your personal data when you have a credit or debit card at the ATM gas pump or other payment kiosk has existed for more than ten years, but the October attack on Macy & # 39; s is an example of the same technology that is applied digitally.

  mobile-payments-visa-paywave-chip-security-credit-cards-4885.jpg "data-original =" https://cnet1.cbsistatic.com/img/wVu33UV3Jw8_ZY87AzLmUw9zfCg=/2015/09/23/08c1c2e2 -5d5b-48dc-8b4f-6deff9d48c9e / mobile-payments-visa-payWave-chip-security-credit-cards-4885.jpg [19659034] mobile payments-visa-payWave-chip-security-credit-cards-4885.jpg [19659018] Skimming credit cards used to require physical hardware, but now hackers insert malicious code directly into merchant websites to steal customer credit card information. </p><div><script async src=

James Martin / CNET
In essence, instead of using physical hardware to steal payment card numbers, hackers have placed malicious code directly on Macy's website to do the same with online payment information.

Regarding online skimming of credit cards, Tim Mackey, chief strategist for security Synopsis, a digital security company, warns: "There is no obvious way for the average person to identify whether or when a website has been compromised. The only thing A potential signal may be that the website itself does not look good. "http://www.cnet.com/"

Mackey suggests some strategies that consumers can use to protect themselves:

  • Do not store your credit card information on store sites. [19659027] Use an external payment method such as Apple Pay, Google Wallet or PayPal if possible.
  • Enable purchase notifications on all your credit cards.
  • Disable international purchases on all credit cards.
  • Only make purchases from your home or mobile network Ork, never on public WiFi where your payment can be intercepted.

Fear of & # 39; sap-jacking & # 39; may be exaggerated

The office of the prosecutor in Los Angeles published a blog post earlier this month advising citizens not to use USB ports to charge in public places such as airports and shopping centers, warning hackers may "juice-jacking" – Install software that downloads malicious code on connected phones and tablets, giving thieves access to your personal information.

  screen-shot-2019-11 -22-at-10-42-48-pm.png "data-original =" https://cnet2.cbsistatic.com/img/zuvmPWhmNYieqh1lxMT3AUKoIso=/2019/11/23 / 73784e87-287b-497c-9e74-56346abe6ebc /screen-shot-2019-11-22-at-10-42-48-pm.png blonde19659044-05screen-shot-2019-11-22-at-10-42 -48-pm.png

The Los Angeles County District Attorney & # 39; s Office posted a video alerting residents of so-called & # 39; juice-jacking & # 39; malware on public USB charging stations, although such cases not in the books.

Screenshot by Dale Smith / CNET

Although that is theoretically possible, as the urban-myth-busting website Snopes.com states in a recent post, the chance that this will actually happen to you is incredibly small.

When TechCrunch contacted the LA County DA to ask how widespread the problem is, the Chief Public Prosecutor could not confirm any real & # 39; juice-jacking & # 39; cases in the books. One reason could be that most smartphones and tablets currently in use now have software to prevent precisely these types of attacks – therefore your phone asks if you trust the connection when you connect it to a laptop or desktop to work on load. [19659007] As long as shopping still exists, scammers and thieves will try to oust you. In the meantime, the best thing you can do is to stay ahead of their deception and protect yourself with knowledge. View our Holiday Survival Guide for more strategies to endure this fun but stressful season. We've gathered the best tips and tricks for de-stressing after marathon shopping sessions, how you can use your smart assistant to manage vacation gatherings, whether you're using Google Home or Amazon & Alexa, and how to eat healthy without dessert to skip.

Source link