قالب وردپرس درنا توس
Home / Tips and Tricks / This 4 Black Friday scam wants your money. Don't let them have it

This 4 Black Friday scam wants your money. Don't let them have it


. The key to staying protected is to stay alert. James Martin / CNET

This story is part of Holiday Survival Guide 2019 with tips on the best ways to manage the holiday season.

This year's Black Friday is expected to break all previous records, with consumers spending an estimated $ 29 billion online during the Thanksgiving weekend. All that money means that cyber criminals will be busier than ever to use malware to target both you and the online retailers that you trust. Some hackers, such as those who hit Macy last month, directly attack vendors' websites. However, much more scams are designed to lure you away from legitimate sellers and lead you to malicious sites or apps that often cheat on well-known retailers such as Amazon, Best Buy or Walmart.

Research by RiskIQ, a security company, said it identified nearly 1,000 malicious apps with vacation-related terms and more than 6,000 apps with names and slogans from popular retailers to bring in unsuspecting victims. RiskIQ also said it has found 65 malicious websites that act as popular retailers in an effort to fool you into providing your personal information.

As always, your best armor against these schedules, scams, fraud and drawbacks is the knowledge you need to sniff them out. Here is everything you need to know about (not being) duped this holiday season. Here you will find legitimate Black Friday deals and more tips for surviving the Thanksgiving weekend .

  facebook-logo-money-1 "data-original =" https: / /cnet2.cbsistatic.com/img/7c2Fk-x5FtCvxb123qugSBQpMus=/2019/07/30/e0ea26b3-9f87-448c-8ff4-30b7fa6e1f92/facebook -logo-money-1.jpg [19659009] facebook-logo-money-1 [19659010] The "Secret Sister" gift exchange, created on Facebook in 2015, is little more than a pyramid scheme. Angela Lang / CNET
<h2> 	  Avoid the & # 39; Secret Sister & # 39; gift exchange – it's a pyramid system </h2>
<p>  Originally around 2015, this gift exchange between internet strangers plays the popular workplace practice of & # 39; Secret Santa & # 39 ;, a game where every person buys a gift for another, randomly selected person without someone shares his fifteen. Instead, it is a pyramid scheme dressed in holiday clothing, according to the Better Business Bureau. The "Secret Sister" exchange invitation promises that you will receive approximately $ 360 in gifts after purchasing and sending a $ 10 gift to someone else. </p>
<p>  Unfortunately, such bad mathematics has not prevented this scam from reappearing year after year. You will probably not only earn $ 10 if you do not receive any gifts, but the program also involves passing on personal information (names, e-mail addresses, telephone numbers) to people you have never met in person. </p>
<p>  The Better Business Bureau recommends handling any request to become a secret sister by ignoring it – do not give your personal information to strangers online. You can also report the invitation on Facebook or on whatever social network you have been approached. </p><div><script async src=

False websites and fraudulent apps are going & # 39; phishing & # 39;

In a phishing scheme, the victim receives an email or text message requesting payment information or other personal information to be entered on a fraudulent website, which is often designed to look only like a legitimate site.

  mcaffee stats "height =" 0 "width =" 370 "data-original =" https://cnet4.cbsistatic.com/img/4jGZekjMlttbUwWMEcKRTDIGZbM=/370x0/2019/11/23/1f4adb77-070c-419b -9270-af2e00a6767f / mcaffee-stats.jpg

According to cyber security company McAfee, more than a third of all Americans have been victims of phishing years.


A recent survey by cyber security company McAfee reports that 41% of Americans fell victim to e-mail phishing schemes in 2019. It is not surprising that a similar number – 39% – reported e-mail do not check mail senders or merchant websites for authenticity.

To top it all off, 30% of respondents reported losses of $ 500 or more in the past year alone.

If the RiskIQ data is any indication, expect an increase in messages that claim to have come from Amazon, Best Buy, Walmart, Target or other major retailers in the coming months. If you receive an email asking you to update your payment method or request other personal information, contact the company's help desk to verify that the email is legitimate before doing anything else.

Other ways to identify a phishing email, according to the Federal Trade Commission and StaySafeOnline.org, include:

  • The sender's email address looks almost looks good, but contains extra characters or spelling errors.
  • Spelling errors and / or bad grammar in the subject line or somewhere in the message.
  • Address with generic terms ("Mr." or "Madam" or "Dear Customer") instead of by name.
  • The message warns you to take immediate action and asks you to click on a link and enter personal information, in particular payment information.
  • The messages promise a refund, coupons or other freebies.

Credit card skimming goes completely digital

Credit card skimmers who steal your personal data when you get a credit or debit card from the ATM gas pump or another payment kiosk have been around for more than ten years, but the October attack on Macy there is an example of the same technology digitally applied y.

  mobile-payments-visa-paywave-chip-security-credit-cards-4885.jpg "data-original =" https://cnet1.cbsistatic.com/img/wVu33UV3Jw8_ZY87AzLmUw9zfCg=/2015/09/23/08c1c2e2 -5d5b-48dc-8b4f-6deff9d48c9e / mobile-payments-visa-payWave-chip-security-credit-cards-4885.jpg [19659034] mobile payments-visa-payWave-chip-security-credit-cards-4885.jpg [19659018] Skimming credit cards used to require physical hardware, but now hackers insert malicious code directly into merchant websites to steal customer credit card information. James Martin / CNET
In essence, instead of using physical hardware to steal payment card numbers, hackers have placed malicious code directly on Macy's website to do the same with online payment information. </p><div><script async src=

Regarding online skimming of credit cards, Tim Mackey, the main security strategist for Synopsis, warns a digital security company: "There is no obvious way for the average person to identify if and when a website is compromised. The only potential signal may be that the website itself does not look quite right. "http://www.cnet.com/"

Mackey suggests some strategies that consumers can use to protect themselves: [19659026] Do not store your credit card details on store sites

  • Use an external payment method such as Apple Pay, Google Wallet or PayPal if possible.
  • Enable purchase notifications on all your credit cards.
  • Disable international purchases on all credit cards.
  • Only make purchases from your home – or mobile network, never via public WiFi where your payment can be intercepted.
  • Fear of & # 39; juice-jacking & # 39;

    The office of the public prosecutor in Los Angeles published a blog post earlier this month, advising citizens not to use USB charging ports in public places such as airports and shopping malls, hackers could warn the software to download malicious code on connected phones and tablets, giving thieves access to your personal information.

      screen-shot-2019-11-22-at-10-42-48-pm.png "data-original =" https://cnet2.cbsistatic.com/img/zuvmPWhmNYieqh1lxMT3AUKoIso=/2019/11/23 /73784e87-287b-497c-9e74-56346abe6ebc/screen-shot-2019-11-22-at-10-42-48-pm.png blonde19659044-05screen-shot-2019-11-22-at-10-42 -48-pm.png

    The office of the public prosecutor in Los Angeles County posted a video alerting residents of so-called "juice-jacking" malware on public USB charging stations, despite the fact that such cases were not recorded in the books .

    Screenshot by Dale Smith / CNET

    Although that is theoretically possible, as the urban-myth-busting website Snopes.com states in a recent post, the chance that this will actually happen to you is incredibly small.

    When TechCrunch contacted the LA County DA to ask how widespread the problem is, the Chief Public Prosecutor could not find real cases of & # 39; juice-jacking & # 39; confirm in the books. One reason could be that most smartphones and tablets that are currently in use now have software to prevent exactly these types of attacks – therefore your phone asks if you trust the connection when you connect it to a laptop or desktop to work on load.

    As long as shopping still exists, scammers and thieves will try to oust you. In the meantime, the best thing you can do is to stay ahead of their deception and protect yourself with knowledge. View our Holiday Survival Guide for more strategies to endure this fun but stressful season. We've gathered the best tips and tricks for de-stressing after marathon shopping sessions, how you can use your smart assistant to manage vacation gatherings, whether you're using Google Home or Amazon & Alexa, and how to eat healthy without dessert to skip.

    Originally published earlier this month.

    Source link