According to Aamir Lakhani, a consultant, and researcher at Global Security, it is crucial for South African customers to be cautious of potential scams this holiday season when they are shopping for Christmas presents. This is especially critical during the holiday season.
“Given the anticipated rise in online activity throughout the holiday season, hackers, like everyone else, will be creating their checklists and confirming them twice this year. According to Lakhami, this is a particularly dangerous period of the year due to a large number of people of all ages who are shopping online and using search engines and other internet channels to place their orders before the holiday delivery date cut-offs.
Even the savviest online shoppers can be duped by even the most basic schemes, as Lakhani pointed out. Hackers who take advantage of opportunities know exactly how to develop tempting and seasonally suitable baits.
The Following is a List of Frequent Scams That Was Provided by Global Security
Scams Involving Holiday Gift Vouchers Purchased Online
According to Lakhani, fraudsters are looking for simple opportunities to take advantage of the current increase in the number of gift card sales. “Gift vouchers are a popular target for hackers and fraudsters because the act of stealing the money deposited onto them is comparable to the act of stealing cash: Once it’s taken, there’s essentially no means for a victim to retrieve it back.”
Scammers May Utilize Gift Cards in the Following Ways
Fake pins are made when con artists remove a piece of the protective layer on the pin so they can jot down the pin code, and then they “replace” the coating with a label to make it appear as though it were brand new. They then insert those PINs into programming that notifies them when someone bought and registered their gift card, at which point they deplete all of the funds on the card before the alert is sent.
Scamming Via Emails
According to Lakhani, if you have ever received an odd email imploring you to assist a relative or friend with an urgent situation and that email led you down the path of giving a gift voucher as payment, then that email was most likely a scam and you should delete it immediately. Lakhani made this statement in reference to emails sent via email.
Hacking a victim is the initial step in an account takeover attack (ATO), which is when a hacktivist obtains the necessary login information for a certain e-commerce network. After obtaining this information, the criminal proceeds to purchase goods, typically high-value electronic gift vouchers, which are subsequently dispatched.
Scams Involving Video Conferences and Phishing
Fraudsters may offer victims phony links to videos that push a user to install the ‘latest edition’ of their conferencing software since there has been an increase in the number of individuals video chatting with their relatives and friends.
According to the firm, clicking on the link will lead the customer to the website of a third party, where they will be able to download an installer. The application may install the software necessary for video conferencing; nevertheless, regardless of whether or not this occurs, the program will load a remote-access application on the host computer.
“This malware offers thieves access to the confidential data and information of the user, which can either be sold on the Black Market or exploited for identity fraud,” said Lakhani.
According to Lakhani, attempts to steal sensitive information through phishing are particularly widespread among online buyers who use mobile devices. Users are increasingly reliant on their mobile devices, particularly their smartphones, to complete transactions. In spite of the fact that these technologies could appear to be less susceptible to dangers, this is not the case. “Online customers may receive bogus text texts that appear to originate from shops they are familiar with, for example,”
“These texts usually comprise a link that, once the user clicks, diverts to a fraudulent website that resembles the retailer’s reputable website but is tailored to retrieve your personally identifiable data (PII),” said Lakhani.
Combining Phishing and Vishing
When it comes to vishing, hackers will call you on the phone to ask for your private details. They will utilize strategies from the field of “social manipulation” to try to mislead you into supplying information such as your login credentials or financial details.
“Contrary to popular belief, perpetrators of online fraud frequently rely on people’s natural apprehension of online cons and assaults in order to carry out their schemes. For instance, a message left on a person’s voicemail could read, “URGENT: Your checking account has been closed owing to suspicious behavior.” Please get in touch with us as soon as possible to regain access.
According to Lakhani, when the target phones back, they are prompted to supply personal information that is later taken and exploited in a negative manner. Verifying that the mobile number from which you obtained a text or a call does, in reality, belong to the organization it is professing to have sent it is one way to protect yourself from being a victim of vishing.
According to Lakhani, “It is important to bear in mind that banks and government organizations hardly ever contact clients or individuals to deliver critical information.” The researcher also mentioned that they are beginning to observe a new con in which con artists construct banners or promotional materials, attach QR codes to successful brands, and then place the banners or papers in retail locations.
“A customer is more inclined to scan a QR code if they find a product that they want and a sign that tells them they can obtain the thing quicker or at a cheaper price,” the author writes. Lakhami claims that this results in the person being directed to a website that is a hoax or in the person trying to install malware.