Beware of Fake Online Shops and Fake Websites
In recent years, the Internet has become an indispensable part of our daily lives. We use it for communication, shopping, entertainment, and more. Unfortunately, with the convenience of the Internet comes the potential for malicious actors to exploit it. Two of the many forms of deception used by cybercriminals are fake online shops and fake websites (the latter also known as phishing websites). Whilst these may sound similar, they are in fact quite different forms of deception, and so different measures are required to avoid falling victim to them.
Phishing websites aim to steal the victim’s username and password for a particular website, typically Internet banking sites. If the cybercriminals are successful in doing this, they can log in to your online banking account and steal your money by transferring it to another bank account. Here’s how phishing websites work. Firstly, the cybercriminals create a fake copy of a legitimate banking website, that looks just like the real website. The fake website will have a different URL (website address) from the original. Let’s say for the sake of example that there is a genuine banking website with the address abc.bank.com [fictitious address]. The fraudsters might then buy a web address with a similar name, e.g. abcbank.bankonline.com [fictitious address]. They then create a copy of ABC Bank’s website, which looks just like the original, and has the ability to record the username and password of any user who inadvertently logs on to it. They then trick people into logging on to the fake website, by sending out spam messages, telling people they need to log in to their Internet banking service in order to see a new message (for example). A link to the fake website will be included in the email, and anyone who clicks on it and logs into the fake site will have their credentials, and hence quite possibly their money, stolen. As well as directly targeting Internet banking sites, cybercriminals may use the same principle in other ways. For example, many online shops allow users to save their credit card details. If fraudsters can obtain user credentials for such a shopping site, they can then order expensive goods and have them sent to a different address. In order to avoid falling victim to phishing attacks, make sure that you never access any financially sensitive website from links in emails, web pop-ups etc. Always type the correct address of the bank/shop into your browser, e.g. abcbank.com in our example. Many security products include phishing protection, so consider using one of these.
A fake online shop, on the other hand, is not a copy of any other website. It appears to be a normal website selling goods online. However, if you order goods from it, you will find that you receive damaged or counterfeit goods, or nothing at all. In any event, the cybercriminals will have taken your money, and you won’t get it back. Fake shops are a particular risk during the Christmas period, when everyone is trying to find gifts for their families.
Fake online shops may be advertised via spam emails, web pop-ups, or links in search engine results. To protect yourself against fake online shops, do some checks on any website before you buy anything from it. Look for reviews of the site; if you can’t find any, it’s best to avoid that site. It is in the nature of fake websites to be short-lived, as they will soon be discovered and taken down. A site that has reviews going back several years is much more likely to be genuine. You can also look for a street address and phone number; these could be verified by looking for the company name in an online mapping service, to see if it’s shown; you could also call the company and see if anyone answers the phone. There is no technical means for a security program to tell the difference between a fake online shop and a genuine one, so don’t rely on your antivirus program here, even the very best ones can’t help you here. Fake websites attract buyers by offering ridiculously low prices. Hence, if you find an offer that looks too good to be true, then it probably is. Another thing to look for is poor spelling and grammar in the website’s text.
We wish you happy and safe Christmas shopping!