3 popular online scams during sales seasons & how M’sian shoppers can avoid them
Here are some common online or cyber scams and how Malaysian shoppers can protect themselves, according to information from Microsoft.
[Written in partnership with Microsoft, but the editorial team had full control over the content.]
You might be thinking that ‘tis the season for online shopping with fantastic deals popping up left and right leading up to the holidays.
And while you might be right, someone else that’s keeping a close eye on you and your browsing habits is not Santa, but scammers.
We get it, shopping online is easy and entertaining—that’s why the ecommerce market is expected to grow by 12.8% in 2024, reaching over RM50 billion.
But as online shopping grows, so does the risk of scams and frauds.
Image Credit: Pixabay via PexelsSo, before you click “checkout” on deals that are too good to be true, let’s check out the cyber risks out there and how you can prevent them.
Scams to watch out for
1. Deepfakes
With the proliferation of AI technology, the issue of deepfakes has become more pressing.
For those who aren’t aware, deepfakes are fake videos with fake audio and augmented visuals that impersonate trusted individuals.
In the realm of online shopping specifically, scammers may use this technology to create fake videos with influential figures to trick you into buying products.
2. Techscams
Techscams often involve fake tech support pop-ups or calls that appear after visiting certain shopping sites or clicking on ads.
These scammers will impersonate trusted institutions such as Microsoft to convince shoppers to share sensitive information or pay for fake services to fix non-existent issues.
Other techscams involve fake shopping deals and impersonating retailers to attract shoppers to fraudulent sites. Little do these shoppers know that the sensitive payment information they’re inputting is the real price they’re paying.
Microsoft reported in its latest Digital Defence Report that techscams can impact wallets up to 10 times more than traditional phishing attempts. So stay vigilant and double-check the legitimacy of offers and websites.
3. QR code phishing
Especially after the pandemic, it seems like everyone in Malaysia is used to scanning a QR code for all sorts of things, from reading a menu to making a payment.
An example of a fake warning from a party posing as MicrosoftIt’s true that QR codes are a super convenient way to share and access information, but they can also lead you to fake websites designed to steal personal information.
For instance, these sites could direct you to a fake sign-in page where you could unknowingly enter your credentials, potentially bypassing security measures like multi-factor authentication.
To avoid these, be cautious with QR codes from unknown sources and always verify requests for personal information.
Beat them at their own game
1. Stick to trusted websites
Especially during the holiday season, scammers tap into our search for good deals.
So, if an email or text offers deep discounts and tight timeframes to take an offer up, it could very well be a scam.
To play it safe, avoid clicking links or attachments. Instead, bookmark your go-to platforms or just search the retailer’s website directly.
2. Be sceptical, even with trusted contacts
Phishing messages are more convincing and harder to identify than ever. Remember what we talked about deepfakes?
If someone claims to be a friend or family member, it’s best to call them yourself to verify. Even the “bank” or “government officials” may call to ask for personal details under the guise of protecting you. In those situations, hang up and call the source directly.
Always apply additional scrutiny and double-check directly with the sender before doing what they requested, opening or downloading an attachment, or replying back to their message.
3. Use unique passwords and multi-factor authentication
We know it’s easy and convenient to just use the same, easy-to-memorise password for all your accounts. But seriously—it’s dangerous.
To make life easier, you can use a password manager to help store unique passwords for each site.
Also, enable multi-factor authentication (MFA) wherever possible. This simple step can be what saves you from a scam. Microsoft reports that MFA can block 99% of password-based attacks.
However, be wary of unexpected multi-factor authentication alerts, as these could indicate an attempt to breach your account.
A scammer’s wonderland
“Social media purchase scams are also on the rise, where scammers take advantage of platforms to lure shoppers into paying for non-existent products,” said Laurence Si, Managing Director at Microsoft Malaysia.
It’s not just shoppers who are affected. Online scams are taking a toll on businesses, especially those in the ecommerce space. As fraud shakes consumer confidence, it’ll affect all businesses’ ability to thrive in the long run.
“For Malaysian businesses, this is a wake-up call. Acting quickly and decisively is key to addressing these threats and maintaining trust,” Laurence said. “After all, it’s consumer trust that keeps businesses afloat in the digital world.”
His advice to retailers includes investing in robust cybersecurity measures, such as secure payment gateways and encryption, actively educating your customers, and making use of advanced technology, such as Microsoft’s Azure Security and multi-factor authentication.
Microsoft also has robust solutions like Microsoft Defender that provide real-time protection against sophisticated cyber threats.
Committed to protecting users against cyberattacks, Microsoft launched its Secure Future Initiative (SFI) last year, which will drive the company to work on transforming software development, implementing new identity protections, and driving faster vulnerability response.
Remember—scammers don’t take holidays. So, be vigilant and stay smart as you tap into all the fantastic deals this season. Equipping yourself and your loved ones with the above knowledge is the true gift that keeps on giving.
Learn more about Microsoft’s Digital Defence Report here. Read other cybersecurity-related articles we’ve written here.Image Credit: Microsoft