ONLINE shoppers hunting for bargains this Black Friday risk getting scammed if they pay for goods with their debit cards.
That’s the shock claim made by one cyber security expert, who says punters should only ever use their debit cards to grab cash from ATMs.
London-based cyber buff Javvad Malik believes deal-hunters can best avoid falling foul of fraudsters by using a credit card when shopping on the web.
He made the comments in an exclusive interview with The Sun about online hoaxes around Christmas.
“With the holiday season upon us, and most retailers having sales, we’re seeing more scams targeting consumers,” said Javvad, an expert at KnowBe4, which offers cyber security training courses.
He continued: “Use a credit card to buy stuff online if possible.
“Never use a debit card to make online purchases but use that debit card to take out cash only.”
Phishing scams are one popular weapon used by cyber crooks looking to fleece you, Javvad warned.
Around this time of year, criminals often lure victims in using “evil-twin” shopping sites, which purport to look like those operated by big brands such as Amazon or John Lewis.
However, they’re actually built by scammers who steal your card details once you enter them into the phoney web page to make a purchase.
“Never click on links in emails,” Javvad told The Sun.
“If you want to shop at a site, enter that site address in your browser. There are thousands of fake sites that look almost identical to the real thing.
“Don’t fall for evil-twin shopping sites.”
If you do fall victim to tricksters, using a credit card rather than a debit card may save your cash from being nicked.
That’s because credit cards offer better protection against fraud and other scams.
“Credit cards typically offer more protections and any money taken doesn’t go straight out of the account, unlike debit cards,” Javvad said.
“If one does not have a credit card, then alternatives would be to use other payment wallets such as PayPal or similar.
“That’s not to say debit cards shouldn’t be used at all. One needs to exercise caution and perhaps restrict its use to well-known and reputable sites.”
Javvad has worked as a cyber consultant and expert for over 12 years and runs a blog and YouTube channel about security awareness.
Dodgy phishing sites aren’t the only thing to look out for over the holiday season, he added.
What is phishing?
Here’s what you need to know…
- Phishing is a type of online fraud
- It’s typically an attempt to nab some of your data
- Phishing generally involves scammers posing as a trustworthy entity
- For instance, fraudsters could send you an email claiming to be your bank, asking for details
- Scammers can also set up fake websites that look like real ones, simply to hoodwink you
- Phishing can take place over email, social media, texts, phone calls and more
- The best defence against phishing is to be generally sceptical of weblinks and emails, especially if they were unsolicited
Online shoppers should also be wary of malicious ads and popups that claim to offer a top deal but when clicked load your computer with viruses.
One emerging scam is the use of “e-skimming” tools to nick your credit card details on legitimate sites.
“Do you know that bad guys sometimes skim your credit card at gas stations or ATMs?” Javvad said.
“Well, there is a new flavor of that, the shopping website you order from might be infected with a “e-skimmer” and they steal your card data when you check out.
“You can prevent that by using PayPal or Amazon.”
Britain is experiencing an explosion in fraud cases, from email phishing scams to identity theft.
It’s thought that Brits lose more than £190,000 a day to cyber-criminals, up 24 per cent from 2018.
In other cyber security news, Russia is reportedly jamming GPS systems on a mass scale to confuse western ships and planes.
Moscow recently tested turning the entire internet off to defend against US cyberattacks.
It recently emerged that cyber criminals from Russia and China targeted the phones and email accounts of MPs with a messaging app scam that let the attackers send fake messages.
Are you worried about a cyber attack? Let us know in the comments!
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at firstname.lastname@example.org