Halloween’s just a few days away and Online portals are busy luring shoppers with some really cool offers, deals and discounts.
But before you go all out with your shopping spree, you ought to educate yourself on cyber security measures, particularly online shopping hoaxes that plague the Internet. Scammers are often after making some quick bucks or stealing sensitive information such as credit card and bank account details. Don’t fall for such hoaxes and scams.
Spam URLs are the most common way of luring a victim during the Holiday season. But there’s a simple way of telling a spam URL from an original one.
Checking Domain Name…
Look at the domain extension – such as .com, .org, .net. etc. carefully. The text which comes just before the domain extension is the domain name of the website.
For instance in “http://amazon.diwali-festivals.com”, diwali-festivals” (and NOT “amazon”) is the domain name. This webpage supposedly belongs to “diwali-festivals.com” and NOT Amazon.com. Now no one has heard of ‘diwali-festivals.com’.
The same logic applies to all websites. For instance, when you log in to your bank account for net banking facilities, ensure that that text/name just before the domain extension is that of your bank and not some random text.
In a recent hoax, Amazon, one of the most widely-spread online shopping portals, was used by cyber criminals to fool people. The spam URL we are talking about was named thus: “http://amazon.todays–deals.com/”. The domain name here is “todays-deals” and be assured that there’s no such site.
Taking advantage of the e-commerce conglomerate’s festive rebate season in the India, this ‘lucky spin deal’ was doing the rounds on the Internet.
Apparently, every Amazon member would win an exclusive gift – which turned out to be an iPhone 7 almost always – by rotating the wheel once and sharing the link on Whatsapp with friends. Needless to say, no such ‘exclusive gift’ was won by anyone irrespective of whether they shared the link on Whatsapp or not.
Clicking on such links could mean spammers are getting access to saved passwords on your browser or any details that might be saved on your system or on sites. So how do you know whether such ‘deals/offers’ are authentic or not?
Common sense, goes a long way!
Sometimes consumerism can make us devoid of common sense. Keep yours intact to avoid falling for scams. Do not go for things that are too good to be true! An iPhone 7 by spinning a wheel? Really? No lucky draw, no survey, no proper marketing. Now that is as ‘phishy’ as it gets. For the uninitiated, such hoaxes are an indirect attempt at phishing i.e. accessing details to con you out of money.
Know more about Phishing Scams, here.
The point I am trying to make is, don’t just click on something because it looks irresistible. Dig a little deeper. Do a little more research.
Take a long and hard look, at the page you are on…
That’s what I mean by digging a little deeper.
Let me cite the ‘Lucky Spin’ Page. Look at the detail cross-section below:
It has the Amazon Logo but the tagline on top “Big Billion Day Offer” is a major give-away. It originally belongs to Amazon’s biggest competitor in the Indian e-commerce space, Flipkart.
Amazon ran a campaign on similar lines. But it looked something like this:
Both Flipkart and Amazon advertised their ‘Big Deal’ offers enough for people to know which was what. So there’s hardly any way, the average shopper wouldn’t know which campaign belonged to which brand.
The page in question here also listed ‘likes’ and ‘comments’ on Facebook, However, all the links were static i.e. if you clicked on any of the profile names or ‘view more comments’, there was no re-direction.
Lesson learnt? Before grabbing your offer, take a good look at the suspect page and URL and know for sure if it indeed is an offer or a sorry attempt to fool you for whatever reasons.