Expert Advice: How to Avoid Online Fraud – Insights from a Consumer Champion and Cyber Security Expert
“Stop! Think Fraud is a Major campaign to fight fraud launched by the Government today (12 February 2024), backed by leading counter-fraud experts, who are uniting under one voice to provide consistent, clear, and robust anti-fraud advice to the public.” states a news release from the Home Office.
Helen Dewdney, The Complaining Cow, a Consumer Champion, has joined forces with James Bore from cyber security firm Bores Consultancy to provide some tips on what to look out for to stay safe shopping online.
Be aware!
1) It’s easy for criminals to build a convincing site, or clone an existing shopping site. One of the key points that’s been repeated over the years is to trust sites that show a padlock. The problem is that all this really means is the site has what’s called an “SSL certificate” to protect your communication with it, not that it’s genuine in any other way.
2) Emails, texts, and even online adverts may not take you to genuine sites or real offers. If in any doubt, or if the message is unexpected, then going directly to the site, by typing in the website address you’ve used in the past, is always safer. If it’s not a site you’ve used before, search for it by name, and follow the search results. However be aware that being high in search results does not mean a site is real.
3) Any time you’re visiting an online shop you haven’t used before, check feedback from independent sites. Consumer review sites are a good source for these. And while they may still have false reviews they at least mostly try to spot and minimize them. A series of bad reviews, or exclusively overwhelmingly positive reviews with very little commentary, are a sign that you may want to find a different site.
4) You’ll occasionally see advice about using credit cards for online purchases. –Doing this can be useful, as credit cards provide a degree of protection and allow refunds in certain circumstances. It also means that, unlike a debit card, if your details are stolen then your main bank account isn’t accessible. For better results, use a credit card with the lowest spending limit you can, so that any losses are kept as small as possible in the event of credit card theft.
5) An alternative to credit cards when you’re concerned with your card details being stolen is ”single-use” cards. Certain “challenger” banks and other services will allow you to create virtual card details to be used once, and then immediately canceled. Using these means that, even if someone does steal your card details, they won’t be able to use them. They’re also a great option for trial subscriptions.
6) You can also use online platforms, such as PayPal, Apple Pay, or Google Pay, which may provide their own dispute resolution system. If the item costs over £100 and you pay by credit card you will also have cover under Section 75A of the Consumer Credit Act 1974, which is worldwide. Notify the credit card provider if you get no redress from the retailer.
For items paid for using your bank debit card, you may be able to use Chargeback. It is a voluntary scheme based on scheme rules set by card issuers such as Mastercard and Visa.
You also have coverage when shopping with PayPal. However, completing a credit card transaction through a third-party payment service means that the credit card provider and the seller are no longer in a direct relationship, so are not equally liable. This applies therefore to services such as PayPal, Amazon Marketplace, Worldpay, and Google Checkout. So you don’t have any credit card cover if you use this kind of service.
7) Card payments are also the time when the secure “padlock” in the browser matters. You should never put any card details or other sensitive details into a site without the padlock symbol.
What should I look out for?
With a well-designed scam site, it can be very difficult to tell that it is not genuine. Genuine certificates, convincing domain names, and cloned content from real branded sites can all make a fraudulent site seem highly realistic. It may be possible to work out that the site is fake if you know what you’re looking for. But spending time researching, reading through source code, checking domain name registrations, and other methods takes time.
Doing that sort of investigation work every time you’re trying to buy something online is soon going to become frustrating.
Instead of looking into the technical clues and methods for finding out if a site is genuine, there are some other methods to use. It’s worth looking out for any of the signs mentioned below, and building a habit of suspicion and further investigation if you notice them.
1) While not a guarantee, it’s worth noting the majority of online shopping sites will have well-recognized domain name endings, such as .com or .co.uk. Anything else shouldn’t necessarily ring alarm bells but should get you looking carefully for other evidence.
2) Any discount or offer that seems irresistibly generous needs to ring alarm bells. Companies will not offer 50-80% discounts on products that are in high demand. Fraudsters will use these offers to try and trigger excitement and emotional response, which limits critical thinking and makes people more likely to buy before they think things through. Any time something seems to be too good to be true, take a minute to step away and give yourself time to process.
3) Another common trick is to try and build in a sense of urgency to convince people to buy. This plays on human psychology, where we are more affected by the potential loss of something, than the potential gain of it. Presenting a limited offer with only a few hours to buy at a huge discount is a very effective way to override critical thinking and convince targets to pay or provide card details before they become too suspicious.
What are the Scams?
There are a couple of different scams that these online shops will use. One is simply trying to gather card details, or personal details, to use for identity theft and card fraud. These tend not to be subtle, as they are detected quickly and taken down fairly early on.
The second is a little more careful in its approach, taking payment and never providing the products, or even providing substandard or counterfeit versions. These can last a little longer, as they aren’t detected as quickly, and they will often spend time trying to convince ‘customers’ that there’s some problem with delivery.
Fraud is the fastest growing form of crime in the UK, and the most likely form of theft to affect you. There is a lot of advice available online.
It’s also important if you have encountered any of these frauds to speak about them with the authorities and with family, friends, and work colleagues. Reluctance to talk about these crimes is part of what makes them so successful.
Report the matter to Action Fraud. It won’t investigate the case but reports taken are passed to the National Fraud Intelligence Bureau which is responsible for the assessment of the reports and ensuring that your fraud reports reach the right place. The information is analyzed by law enforcement and private sector specialists to detect patterns of activity and behavior for investigation.
ENDS