Warning for Aust before US Black Friday

Luke Costin
(Australian Associated Press)


Australian consumers need to be cautious as scam artists kick into full gear for the Black Friday and Cyber Monday shopping event, tech experts warn.

The retail event – the biggest in the US annually – has caught on in Australia in recent years with one in six local online shoppers participating in 2017, according to Australia Post data.

Just as many retailers have already started sales, criminals have begun ramping up campaigns to exploit rushed and tired shoppers, cybersecurity experts say.

Australia is often among the top 10 targeted countries for most cyber attack types because of our wealth and early adoption of technology, Symantec’s chief technology officer for Asia Pacific Nick Savvides said.

He expects criminals – trying to trick Australians waiting to hear about great Black Friday deals via email – would be impersonating legitimate retailers and sending their own emails about seemingly juicy offers.

But following a link on those shady emails will more than likely end in consumers unwittingly handing over personal information.

“Australian really need to think about where they put their information,” Mr Savvides told AAP.

He suggested people stick to the major sites, type in the URL instead of following links from emails and don’t reuse passwords so criminals that may get your password can only access one account.

Magecart, a credit and debit card skimming operation which has struck high-profile sites including Ticketmaster and British Airways, is also a threat – though Mr Savvides said most large organisations are now looking out for signs of the formjacking in their websites.

People should install security software such as Norton on desktops and phones that protect from formjacking, he said.

“(If you do this) your risk won’t be eliminated but will be reduced,” he said.

Sophos regional manager Ashley Wearne advised consumers to avoid being tempted by deals that sound too good to be true and look out for the padlock sign next to the web address in their browser to ensure their connection is encrypted.

He said shoppers should also watch out for sites that want way too much information, such as your card PIN.

“If in doubt, give nothing out,” Mr Wearne said.


Like This