Have you received messages from supposed retailers this payday sale?
A cybersecurity firm said it had detected more than 40 million phishing attacks targetting entities such as shopping platforms as of last year.
Phishing is defined by the Oxford as “the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.”
Kaspersky said that phishing “remains an effective way to lure online shoppers into handing over their personal data and financial information to cybercriminals.”
“Well-known brands in the retail and banking sectors are most often used as bait,” it said on a release.
Cybercriminals commonly employ a tactic of sending mass amounts of fake promotional materials disguised as legitimate messages from retailers through email or social network sites.
Once an individual clicks a link to the offer, they will be redirected to a malicious site instead of the retailer.
This makes their device and financial information vulnerable to the hacker while the malicious link will spread itself to their contacts to victimize them.
Kaspersky said that in Southeast Asia, the Philippines logged the highest number of users exposed to phishing attempts in 2021.
“Since the pandemic, online shopping and e-payments have been embraced by Filipinos. So, we urge Filipinos to be on guard especially towards sales announcements delivered through emails, text messages, social media posts, or even calls,” Yeo Siang Tiong, the firm’s general manager for Southeast Asia, said.
“Threats can come from anywhere, but we can protect ourselves with vigilance and a robust security solution installed in our devices,” he added.
The firm said that Filipinos could protect themselves in online shopping through these tips:
Type the received URL directly into the address bar
When receiving messages containing links, the individual is advised to type out the supposed URL in an address bar to help them discern whether the site is legitimate or not.
While website links are shortened to make them more phone-friendly, it may trick people into visiting risky sites.
Use a credit card
Purchases are insured and disputes are easier to settle when a credit card is used instead of a debit card.
Dedicate a separate device and email address to shopping
This will limit the number of spam messages an individual will receive and reduce their risk of opening potentially malicious emails disguised as sales promos.
Be wary of coupon and freebie sites
Kaspersky said that scammers use great deals to con bargain hunters. Buyers are told to be careful of websites asking them to create lengthy profiles and provide extremely personal information.
Manage and protect online passwords
People are also advised to use password managers to help them remember their credentials.
Avoid using public wi-fi
They are also advised against signing in to personal accounts using wi-fi in coffee shops, hotels, restaurants and other public areas.
This is because hackers could hijack the wi-fi signal or set up their own to trick people into using it, making the user vulnerable to tracking and device monitoring.
The firm said that if using a public network is the only option, the individual must initially install a virtual private network (VPN) so that their data will be encrypted.
Stick to familiar brands
Buyers are advised to stick to the brands they know of and have a good reputation.
In cases that they have to buy from a new seller, they are advised to check if they can contact the latter by e-mail, phone number or address.
A seller’s feedback history or online reviews is another indicator of their reliability and integrity.
Always log off after shopping
People are especially advised to do this if they share their devices with someone else.
Use reliable security
To be savvy about traversing the digital landscape, Filipinos can use services with anti-phishing technologies which will notify them if they’re visiting a phishing site.
Read credit card statements
They are also advised to go through their statements to check if unauthorized purchases are made on their accounts.