Phishing scams beef up just in time for the holiday season
WASHINGTON (SBG) – Every year, more and more people turn to their computers or cell phones to shop for loved ones for the holidays. Also, every year, more and more scammers are finding new ways to turn your holiday shopping into a quick payday.
Walmart.com, Bestbuy.com and eBay are just a few of the many popular sites shoppers visit to make holiday shopping quick and easy. But now, thanks to phishing scams, sometimes these sites are not always what they seem.
“A phishing site is basically a replica of a legitimate website,” said Candan Bolukbas, founder and CTO of Normshield, a cybersecurity company.
He says once you enter your credit card information into one of these fake shopping sites, the scammers win. It’s a problem on the rise. Bolukbas said there had been an 11% increase in these scams in just the past year. This year there have already been roughly 6,000 cases and he expects that number to climb to 9,000 by the end of the year.
So how do you know if the site you’re visiting is the real deal? Usual telltale signs have been the URL starting with ‘https’, and you see a padlock symbol to the left. But now Bolukbas says scammers are using these in their scams so you must be diligent.
"Some phishing URLs, and I 'm going to show you some examples, are very similar to the original one and its hard to detect that,” said Bolukbas.
He showed up a dummy PayPal site as an example. The site has the secure looking “https” at the front of the address, but then you also see the word “Jovani”, a red flag. It’s a random word that does not match the real PayPal site.
"The best way to detect it is using a password manager,” said Bolukbas.
The option to use a password manager usually pops up on your computer, especially if you’ve visited the site before and created a shopping profile.
Retailers are also diligent. We reached out to some of the major retailers for comment.
“Customer security and privacy is a top priority for us. We recommend consumers use different usernames and passwords on various sites, because malicious parties will typically test the credentials they obtain across many popular sites. We also encourage customers to exercise caution when receiving suspicious email or visiting unfamiliar sites, and we recommend frequently updating the antivirus software on their computers,” said a spokesperson from Wal-Mart.