Avoiding the crowds at shopping centres is just one of the reasons many of us prefer to shop online at Christmas time. But be warned, Christmas is also a time when online cybercriminals go to work!
Scammers can create fake retailer websites that look like legitimate online retail stores. They can use sophisticated designs such as stolen logos, ‘.com.au’ domain names and even stolen Australian Business Numbers.
The big giveaway is that cybercriminals will typically ask you to pay by money order, pre-loaded payment card or wire transfer.
Be warned: if you pay this way, it’s highly likely you’ll never see your money again or the item you just ‘bought’.
Be wary when buying products from online auction websites. Don’t deal with people who ask to negotiate or complete a transaction outside the website – no matter what the reason. Check seller reviews, typically shown by scores and comments, before closing any deal.
This advice extends to online classified websites. These offer goods and services but allow sellers and potential buyers to negotiate a price outside the website. Scammers may pretend to be genuine sellers and post fake ads that advertise products for a much cheaper price than similar items advertised on the same site.
What to look out for
Here are some of the ways you can keep yourself safe when shopping online this Christmas:
- Look for a closed padlock icon and ‘https://’ in the address bar at the top of the page. The safest way to access any website is to type the web address directly into the browser. This will help ensure you don’t get directed to fraudulent websites that pretend to be shopping sites.
- When shopping online only use secure payment services such as your credit card or PayPal. Don’t use wire or account transfers or other unusual payment methods.
- Always log out of any shopping session when you finish and close the browser.
- Create strong passwords – at least 12 characters long, using a ‘passphrase’.
- Keep your operating system, web browser and anti-virus software up-to-date by ensuring automatic updates are enabled or installed as soon as they are available.
- Always enable two-factor authentication whenever it’s offered. It simply means there are two checks in place to prove your identity. An example is when you enter a password and a code is sent to your mobile phone. PayPal and most banks offer it.
- Avoid doing any online shopping using public Wi-Fi networks. These public networks can be prime spots for phishing where a criminal steals sensitive information for malicious reasons.
- Be extremely cautious in dealing with new or unknown retail websites, particularly if they are advertising products and services at extremely low prices. These may be scam websites set up to steal your money or identity details.
- Check the store’s refund or returns policy. The better online shopping and auction sites have detailed complaint or dispute-handling processes in case something goes wrong.
- Pay for goods from online classified websites only when you have seen or received them.
What to do if you get scammed
Contact your bank straight away and discuss the best option, which is often replacing cards or resetting online access.
Most big banks offer guarantees that they will cover any loss due to unauthorised transactions on your account, as long as you did not contribute to the loss, you protected your devices and passwords, and you let them know as soon as it happened.