Fake websites citing Black Friday have tripled, says company – 11/22/2023 – Tech

Two out of every three Brazilian consumers intend to go shopping on Black Friday looking for good deals, according to data from Google. In recent November, fraudsters have been surfing this wave to deceive people on the internet.

The fake website ‘Loja Estoque Brasil, for example, placed a large generic banner with advertisements for discounts of up to 30%. In the portal’s catalog, you can find a JBL Boombox speaker, generally sold at prices around R$2,000, for R$247.99.

Alone, the 88% discount generates distrust. When scrolling to the end, the buyer may still find other worrying signs: the contact email “[email protected]” (without “t”) and the address “Rua Alameda, 123 Bairro Santo André, São Paulo.”

Complaints on the social network Reddit and on the consumer complaints portal Reclame Aqui corroborate the suspicions. In the latter, there are 12 complaints in the last month — all unanswered.

Report from cybersecurity company Kaspersky shows that the case of Loja Estoque Brasil is one among many. The document shows a threefold increase in fake websites using the term “Black Friday” since October. These attacks are called phishing by experts, in reference to the word fishing in English, as cybercriminals use some topic of interest as bait.

Fake websites and emails are the tactic most adopted in Brazil by fraudsters to carry out scams. In the first ten months of 2023, Kaspersky identified and blocked more than 30 million phishing attacks targeting online shopping, payment systems and banking institutions.

Items in high demand on the date, such as electronics, are recurring bait in scams on Black Friday. Kaspersky found 2.8 million phishing attacks from January to October 2023 just with mentions of iPhones and other Apple products and services. Another scam variation is aimed at console gamers with game offers, but in the end, they only serve to leave players with empty pockets.

Although it seems like a crude scheme, this scam is recurring because it works, say security experts interviewed by the report.

E-commerce platforms were used as cover in 43.5% of fake messages.

Scam establishments can appear on marketplaces, such as Google Shopping, Amazon and Market Livre. Therefore, consumers need to protect themselves by checking which store is responsible for the sale, as the platform often does not make the sale directly.

These sites, in general, have service protocols to overcome defaults and disagreements between the parties involved in the negotiation, but the person responsible for making refunds or resolving delivery problems is the seller.

Experts advise that people check the history of stores on Google and on complaint sites such as Reclame Aqui. On the platform side, there are incentives to report sellers of misconduct — from fraud to service issues.

The director of the fraud and risk area at the payment company Pomelo, Gilmar Magi, recommends that people prefer to make payments via credit or debit card, as it is possible to dispute the operation. “The customer can call the issuing bank, report the problem, a delivery that never happened, for example, and start a dispute about the validity of that transaction.”

In the case of Pix, banks have systems to indicate transfers with a higher risk of fraud to alert the customer. There are smaller chances than with the card, but it is possible to request a refund of the amounts if fraud is proven. Payment via bank slip, in turn, is not reimbursed, according to Magi.

The customer should also prefer to generate virtual cards to make purchases on the internet. In this modality, the bank generates payment data used only for that purchase, which reduces the chance of leakage of sensitive data.

Even before that, the consumer should check the name of the site carefully. According to Febraban (Brazilian Federation of Banks), criminals also clone websites of famous retailers to mislead consumers, placing an extra letter in the website address, which is often imperceptible to the customer or even changing, for example, a letter “o” for the number “0”.

“For this reason, we recommend that customers do their price research, and when choosing a store, directly type the website address in the browser bar. Never click on links sent via emails, SMS or messaging applications and always give preference for well-known stores”, says Adriano Volpini, director of Febraban’s fraud prevention committee.

The director also warns about recent stores with all the positive testimonials from buyers on social networks. “Scammers create fake profiles that invest in media to appear on social media pages and stories, including false testimonials from buyers. They also use testimonial seller websites and international photo and video banks to give credit to the product and deceive the consumer. “

Kaspersky, in its report, also warns about fake gift cards. “For example, a fake website imitates a well-known online store, seducing Internet users with gift cards from €800 to €1.95. As these cards usually do not exist, victims again lose their money.”

See 10 safety tips for this Black Friday:

• Give preference to well-known sites for shopping and check the reputation of unknown sites on complaints pages
• Be very careful with promotional emails that have links. When you receive an unsolicited email, check whether it really is from a reputable company. Access the website by entering data into the browser and not clicking on links
• Always be suspicious of companies that ask for advance payments and promise long-term deliveries
• Carefully check the payment methods offered by e-commerce and be suspicious when there are few options
• Be wary of promotions whose prices are much lower than the actual value of the product
• Check if the page has a compatible authentication seal and number of followers. Be wary of newly created pages
• Give preference to using a virtual card when purchasing online
• If you are making an in-person purchase with a card, always check the value on the card machine before entering your password.
• In the case of in-person purchases, insert the card into the machine yourself. If you have given the card to the seller, always check that the returned card is actually yours.
• If you are paying with Pix, always make the payment within the virtual store environment. When the retailer provides the QR Code, carefully check all the payment details and whether the chosen store is actually the one that will receive the money. Only make the transfer after this detailed check. The same tip applies to payments with bank slips