6 Tips to Prevent Shopping Scams

Online fraudsters are taking advantage of M&S shoppers by posing as the retailer. “These misleading scam adverts are sending shoppers to fake websites that have nothing to do with M&S, luring them in with the opportunity to receive a £100 gift card,” says Nick Drewe, founder of online discounts platform Wethrift.

Once shoppers are directed to the fake website, the page will then ask for personal data, tricking shoppers into being potential victims of fraud.

Below, we highlight the most common scams shoppers need to look out for to avoid being a victim of fraud.

Order confirmation scams

A common phishing technique to look out for is fake order confirmation emails. These emails will claim that an order has been confirmed, but won’t actually tell you what the order is.

Instead, you’ll be encouraged to click on a link to find out. If you do, you will then be directed to a page that looks just like the retailer’s site, but it’ll be fraudsters who will receive your personal information if you have inputted it anywhere.

Fake invoices

Another example is a fake invoice from a scammer, claiming that your payment hasn’t been received. It will then ask you to re-enter your bank details or a request from someone on PayPal asking for payment.

If you receive one of these invoices unexpectedly, regardless of whether you think you have tried to purchase, make sure you read through the information carefully and compare it against your most recent bank statement.

Billing error scam

Often, scammers will email shoppers saying their billing information is incorrect, and that they need to change them immediately or they will lose out on an order.

Usually, when there is a sense of urgency, that’s when you should be suspicious, as they hope to draw you into entering your bank details into a fake website that they’ve made to look like the real deal.

If you are unsure at all about whether an order has gone through, contact the retailer directly with any order confirmation or information so they can give you legitimate information on your account.

Receiving instant messages

Often, you may receive a suspicious-looking message with a link to a well-known website, urging you to click to secure a great deal.

However, the link will most likely be fake, and clicking on it will unleash an intrusion of malware on your device, making your personal information vulnerable.

Scammers will replicate the URL of the retailer’s website and layouts URLs, and as time has gone on, they have become extremely good at it – making it hard to spot whether it is fraudulent or not.

Once they have encouraged people to click, they will then send phishing messages and keylogging malware straight to the target’s device.

Phishing emails

A slightly more modern method of fraud is phishing emails that trick users into disclosing sensitive confidential information. Therefore, it is important to not click on any links or pop-ups from sources that you are not familiar with.

The same thing goes for websites. From dodgy URLs (ones with no ‘https.’ or locked padlock symbol on the bar) to poor website design, there are plenty of fraudulent sites you must be wary of.

Fake product reviews

Fake Amazon reviews have particularly skyrocketed this year. These reviews usually feature unusual turns of phrases and are over-packed with technical jargon.

However, humans are the ones promoting these, often for payment from the product manufacturer in return.

There are ‘review exchange’ clubs online, normally on social media sites, where sellers on sites like Amazon will offer goods in return for overly generous comments – often ones that are extremely misleading.

What to do if you have been scammed?

Contact your bank – This should be the first thing you do, especially if money has already been taken from your account. Immediately replace your cards and change your security details. If you have been scammed, your bank is obligated by law to refund you.

Contact Action Fraud – This is the UK’s national fraud and cybercrime reporting centre: Run. You can contact them on 0300 123 2040 to report a scam or visit the ActionFraud website.

Contact the police on 101 – If you are currently being subjected to a live and ongoing cyber attack then contact the police on 101- the earlier the better.

Jan 11, 2023Chris Price

For latest tech stories go to TechDigest.tv

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__atuvc	1 year 1 month	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it before the share count cache is updated.
__atuvs	30 minutes	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it before the share count cache is updated.

Cookie	Duration	Description
at-rand	never	AddThis sets this cookie to track page visits, sources of traffic and share counts.
disqus_unique	1 year	Set to record internal statistics for anonymous visitors.
uvc	1 year 1 month	addthis.com sets this cookie to determine the usage of addthis.com service.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_gat_gtag_UA_*	1 minute	Google Analytics sets this cookie to store a unique user ID.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
__gads	1 year 24 days	Google sets this cookie under the DoubleClick domain, tracks the number of times users see an advert, measures the campaign's success, and calculates its revenue. This cookie can only be read from the domain they are currently on and will not track any data while they are browsing other sites.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies store information about how the user uses the website to present them with relevant ads according to the user profile.
loc	1 year 1 month	AddThis sets this geolocation cookie to help understand the location of users who share the information.
skimGUID	10 years	Set by Slimlinks, this cookie is a unique identifier provided to each device for log analysis to determine the number of unique users for various parts of skimresources.com.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
_ir	session	This is a Pinterest cookie that collects information on visitor behaviour on multiple websites. This information is used on the website, in order to optimize the relevance of advertisement.
__gpi	1 year 24 days	Google Ads Service uses this cookie to collect information about from multiple websites for retargeting ads.

Cookie	Duration	Description
wp_api	past	Description is currently not available.
wp_api_sec	past	Description is currently not available.
xtc	1 year 1 month	Description is currently not available.

Order confirmation scams

Fake invoices

Billing error scam

Receiving instant messages

Phishing emails

Fake product reviews

What to do if you have been scammed?

Share this:

Like this: