Cyber Monday – how not to get ripped off? Cyber security for e-commerce customers

Cyber Monday is a day full of unique promotions that attracts online shopping enthusiasts. However, as this form of commerce grows in popularity, so does the activity of cyber criminals who seek to exploit the opportunity for fraudulent activities. How not to get scammed when buying online, what to look out for and where to look for help when you have been a victim of fraud?

During the busy shopping period, it is advisable to be vigilant when carrying out transactions online. The increase in fraud on popular shopping platforms such as Allegro, OLX or Vinted points to a growing threat in this area. Cybercriminals are increasingly creating fake online shops offering fictitious products or phishing for bank account access details. Fraudsters send phishing messages that encourage people to open infected attachments or click on links leading to fake websites. Such sites can look almost identical to the genuine ones and are designed to trick people into providing login details, including online banking details.

How not to get ripped off when buying online?

Educating internet users about the safety of online shopping is becoming crucial, especially given the frightening survey results that show a lack of awareness among Poles about threats such as phishing and skimming. This highlights the urgent need to make consumers aware of the risks associated with online transactions and the need to take action to protect personal data and finances.

The Ministry of Digitalisation has developed tips to help make users safer online. In addition, the shopping guide prepared by CERT Polska contains practical advice on safe online shopping. We have collected the most important notes and tips that increase the chances of safe online shopping while protecting personal data and finances.

How to shop safely online? A practical guide

To buy safely online, always check the credibility of the seller by using reviews on auction sites, forums or in the comments. It is also important to carefully examine the details of the shop, such as its registered office, address, VAT ID, REGON or company name and verify them on the KRS website. If the company at the indicated address does not exist or is involved in something other than commerce, it is better to refrain from shopping. An additional asset that may prove the seller’s reliability is the possibility to pay on delivery of the ordered goods.

Carefully check the addresses of the websites where you shop. When searching for products online, pay attention to the search results. Dangerous sites may appear next to reputable shops. Evaluate the quality of the website – correct language, photos, graphics. Amateurish workmanship may indicate dishonesty.

How do fraudsters impersonate well-known brands?

Fraudsters often impersonate well-known shops with minor changes to the address, such as typos. Fake sites can look very similar to the originals, so look out for inconsistencies – differences in fonts, language errors or other details can be a warning sign. If you come across an unfamiliar shop in the search results, check what else it offers. An overly diverse range of products, including both clothing and construction machinery, for example, should raise your alert.

In addition, if you have come across the site via a social media link, SMS or email, verify its domain name, as this could be a phishing attempt.

If you have any doubts about the authenticity of the site, it is better to abandon the purchase.

Use strong and unique passwords for different accounts to minimise the risk of data leakage. It is also extremely important not to succumb to the time pressure that scammers often use – messages such as ‘last 5 minutes’ can prompt hasty decisions. This is a popular socio-technical trick designed to force you to make quick decisions. Always keep a cool head and don’t get carried away by the excitement of supposed discounts.

Suspicious online shops. Pay attention to these

Review terms and conditions, return conditions, payment and delivery methods. Inconsistencies in this information are a cause for concern.

Try to contact the shop. Lack of contact, inconsistent information or incompetent answers are warning signs. In these times of sophisticated methods used by cybercriminals, the green padlock symbol in the browser does not guarantee complete security. If other elements of the website appear suspicious, do not ignore your concerns.

If your antivirus or browser warns you that a site is unsafe, do not ignore these signals. Equally suspicious are unexpected requests from the ‘bank’ during payment, such as for additional action on your account. When you have doubts about the authenticity of a contact, stop the conversation immediately and contact the bank yourself using official contact details.

Review your bank transaction history regularly and contact your bank immediately if you suspect unauthorised transactions.

How do I pay securely online?

When making payments online, it is crucial to be vigilant and follow a few rules. First and foremost, make sure that the website where you are completing the transaction is secure. The mere presence of a green padlock in the address bar is not enough, as fraudsters are increasingly using SSL certificates to build their fake sites. A certificate does not guarantee the integrity of the site owner, so it is worth checking other aspects carefully, such as the URL or site reviews.

When paying, pay attention to whether the transaction is handled by a reputable payment provider. Only provide login details, credit card numbers or CVV codes on verified and trustworthy sites. Remember that unauthorised interception of card details by cyber criminals can lead to the loss of all funds in your account.

Look out for this when paying online

Payment operators should be licensed by the Financial Supervisory Commission (FSC). Before making a transaction, it is worth verifying their presence on the list of supervised entities and checking that they are not on the KNF‘s public warning list.

When buying from private individuals, especially via social networks, it is best to choose cash on delivery or personal collection with payment on the spot. Never give your login details or Blik codes to anyone. Only transfer money if you are sure of the recipient’s identity. With Blik, you confirm each transaction with a PIN on the bank’s mobile app, which increases security. However, bear in mind that Blik operations are harder to block than traditional transfers, which means more risk when making payments to strangers.

Avoid making online payments on computers accessible to the public. When using mobile devices, remember not to connect them to open WiFi networks. Make sure you have anti-virus software installed and updated on your equipment. After making a payment, always log out of your bank account and close your browser.

Have you been a victim of cybercrime and been scammed while shopping online? Take these steps

Buying from fake online shops can lead to losing money and even greater losses. If you fall victim to cybercriminals, take the following steps:

• Contact the bank that handles your payments – it may be possible to cancel the transaction.
• Report the incident on incident.cert.co.uk and contact the police.
• Report the matter to the police or the public prosecutor’s office – you have the right to file a fraud notice. There is a cybercrime department in each unit.
• It is also a good idea to warn others by leaving information about the fake shop on online forums, social media and also on review sites.

Buying from a fake online shop can lead to serious losses. The most obvious consequence is losing money for products that never arrive. In a worse scenario, if cybercriminals install malware on our device, we could lose access to sensitive data such as login details or payment card information. Therefore, when shopping online, let’s always be vigilant and not ignore any suspicious signals.

Cybercrime. Money back

If you have paid with a card, it is possible to get your money back through the so-called chargeback procedure, which allows the bank to refund the money. All you need to do is make a claim, describing the situation. If you paid by bank transfer, the chances of recovering the money are lower, but there are cases where the bank can stop the transfer. Often, however, recovery of lost funds is only possible after the fraudsters have been apprehended by law enforcement.