Share this article on:
As Australians prepare to dish out the dollars for Christmas and the New Year, scammers are bolstering their activities, ready to make the most of holiday season shoppers.
The 2024 Black Friday and Cyber Monday sales are set to rake in more money than ever, with reports suggesting that Australians will spend 5.5 per cent more than last year, $6.7 billion.
Additionally, much more of this shopping is happening online, with four out of five Australians having used online markets and stores in 2023.
“As we head into peak shopping season, scammers are ramping up their tactics, preying on deal-seeking consumers,” said Microsoft ANZ national security officer Mark Anderson.
However, with the added conveniences comes added risk, particularly as AI and other tools lower the barrier of entry for cyber criminals. In 2024 scams were reported 143,000 times.
“While shoppers are becoming more aware of common scams, these tactics are evolving. New technologies like AI make it easier for scammers to operate and harder for people to detect these schemes,” said Anderson.
Microsoft said there are some key advanced scams that shoppers should be alert for.
Deepfakes
AI-powered tools mean that creating deepfakes can be as simple as uploading an image. With the technology advancing so rapidly, a scammer could easily create a deepfake of a celebrity, public figure, or someone close to you to create a convincing scam.
Deepfakes could appear in the form of a photo, audio, or video, all of which could be used to trick a victim into handing over personal or financial data, or trick them into making unauthorised payments.
Shoppers should remain vigilant and look for signs that a call or video may be fake, such as warping or any unnatural aspects. If the person in the deepfake is known, contact them directly.
QR code phishing
Scammers may disguise malicious QR codes in seemingly legitimate content, such as fliers and signs, to entice victims. These scams may offer discounts to convince victims to scan them and then require them to put in personal information or credentials.
To avoid being stung, shoppers should avoid QR codes they deem suspicious or with offers too good to be true, and verify any requests for personal information or credentials.
Tech scams
Despite tech scams having been around for a long time, scammers are using increasingly advanced tools to make them more convincing.
Tech scams are scams in which scammers use fear to convince victims to hand over data or financial information to fix an issue that doesn’t exist.
Tech scams often appear in the form of scammers impersonating tech support workers from Microsoft and other companies, suggesting that there is an issue with a victim’s account or device, potentially even suggesting that they have a virus or a scammer is after them, and that they are here to help.
These scams may also come in the form of calls or other communications impersonating major retailers, inviting victims to fake sites that promise discounts or amazing deals.
According to Microsoft, tech scams “can impact wallets up to 10 times more than traditional phishing attempts”.
How to avoid scams
There are a number of ways shoppers can remain vigilant against scammers during the holiday period.
Avoiding links or attachments in untrusted emails or texts is a strong start. These scammers know that shoppers are looking to make the most out of their dollars and would like the best deals around, and these links may claim to lead to these deals. If it sounds too good to be true, it probably is.
Using multifactor authentication and strong, unique passphrases is arguably the most important way to keep scammers and malicious actors at bay.
Hard-to-guess passwords make it harder for scammers to gain access, and making them unique prevents credential stuffing attacks. Additionally, if a scammer does learn a victim’s credentials, multifactor authentication should stop them from accessing the account without your permission.
Finally, if you get a suspicious message from a friend or family member, double-check that it’s really them. Scammers will impersonate your loved ones in an attempt to steal your data and money.