With the festive season around the corner, many organisations would have already paid Diwali or half-yearly bonuses to their employees. The propensity to spend among consumers is usually high, especially when the entire ecosystem is offering discounts and trying to lure consumers with various kinds of promotions.
Today’s smart and curious consumers check several websites that offer discounts, look out for coupon codes, visit physical stores to check brand or bank offers before finally making a purchase. At times, in order to get the best bargain, consumers ignore their worries and reservations and go overboard which may put them in unfortunate circumstances.
Here’s a quick primer on the pitfalls to avoid in online shopping this festive season:
Pop-Ups – While browsing the internet, websites collect and store user information in the form of ‘cookies’ that provide plenty of information about consumer choices, preferences and browsing habits along with personally identifiable information. Malicious practitioners may target consumers with luring ‘pop-ups’ on websites which could actually be ‘click-baits’ offering unbelievable discounts on the products they are craving to buy! One may not spare time, thoughts or efforts to check the genuineness of the portal or the offer in order to act within the validity period of ‘next 5 minutes’ to avail the ‘lucky deal’.
Website cloning – There are qualified fraudsters who meticulously create look-alikes of reputed portals to seek demographic and payment card details of users. Once these details are recorded, they may make fake “verification calls” and convince users to complete transactions initiated by the gang members. Consumers can face unpleasant consequences if they end up sharing their PIN, OTPs received on mobile phones or through email, as these illegitimate transactions then become “valid” as they get the second factor authenticated.
Online sale by physical stores – Some fraudsters may use generic information like nearby places, landmarks, monuments, locations, etc. to identify “unclaimed” businesses that appear in search engines. So for normal businesses such as sweet shops, grocery, wine shops, medical stores or other dealerships, fraudsters replace the contact details such as phone numbers and email IDs on search engine Google results. Casual users may have no way to ascertain the same and if they connect to the said business to enquire or order something, and they can be influenced by deals that are too good to be true because they are actually interacting with the imposters. While ordering online, the “shopkeeper” may seek payment card details along with PIN/ OTP, etc. for multiple small-ticket transactions. Consumers may later discover that there were tricked for higher transaction amounts as well by the imposters.
To prevent grief from internet or vishing frauds, it is advisable to not download or install any unreliable screen sharing software through links shared by potential fraudsters. They may try to connect with users by claiming to be their helpful “Personal telephonic banker” and gain their confidence to share the computer screen. These are remote desktop management tools that when you cede control to the callers, would let them hijack the device and read through and even steal your emails, messages, and other files and folders from the device. Here are quick tips to remember:
- Consumers should keep operating systems of their computers and mobile devices updated to protect against known threats.
- Use a good i.e. “paid” anti-virus/ anti-malware protection too.
- Use complex passphrases that only you would know, and
- Never trust offers easily or be lured by deals that appear too irresistible.
This festival season remembers the old saying: When something seems too good to be true, it usually is.
(Views expressed above are the personal opinion of Mr. Niranjan Upadhye, General Manager, Fraud Risk Management, Worldline India)