Black Friday 2019: How scammers use gift cards, hot toy deals to trick you
by Susan Tompor
Detroit Free Press
20 Nov 19
Scammers love impersonating the Internal Revenue Service, the FBI and Social Security. Why not add Black Friday shoppers to the list?
Retailers are being warned that sophisticated scammers could target online Black Friday deals in highly automated schemes that use fraudulent accounts created with stolen data and fictitious identities.
The goal would be to scoop up door-buster deals or special coupons and deplete the inventories of hot merchandise for the holidays, according to Shannon Wu-Lebron, senior director of retail for TransUnion's diversified markets group.
Once the fraudsters use fake credit cards or hijacked accounts to order the stuff at bargain prices, they'll turn around to sell the popular toys, TVs or other deals on online marketplaces and elsewhere at inflated prices.
Holiday shopping in installments: Here's what to consider
E-skimming: Hackers hover near online shopping carts
About 75% of shoppers plan to do half or more of their holiday shopping online, according to TransUnion's 2019 Holiday Retail Fraud Survey, released Nov. 19. Of that group, 46% worry about becoming a victim of fraud.
The survey of 2,593 American adults took place in October.
Here are tips to stay safe:
Beware of pitches for hot toys you can't find
The Better Business Bureau warns that scammers may send a text message out of the blue promoting very low prices on hard-to-find gifts. There can be hidden charges or monthly fees or even outright fraud if someone is phishing for your personal information or credit card number.
Cyber criminals like to use big events, such as Black Friday or Cyber Monday, to send emails containing malicious links or attachments, according to a holiday shopping alert from the Cybersecurity and Infrastructure Security Agency.
React fast if your password doesn't work
It's more common than you might think for fraudsters to attempt to take over your credit card account to steal loyalty points or rewards built up on the card or make unauthorized purchases.
The fraudsters use stolen information, perhaps from a data breach, that's available on the Dark Web.
You might spot a sign of trouble if your regular password won't work and you've not changed the password. Or you might spot charges on monthly statements you didn't authorize.
Experts say you do not want to use the same password over and over again on every site.
Take the extra steps for ID verification
It's important for retailers and e-commerce sites to identify fraud patterns as they emerge. Retailers and others need to determine if fraudsters are using a smartphone or laptop that doesn't match the device used by a legitimate consumer, according to Geoff Miller, head of global fraud and identity solutions at TransUnion.
"Moving to a digital word has allowed fraudsters to be more advanced and technically savvy," Miller said.
About 57% of consumers surveyed said they were likely to go through the extra steps of verification to complete a purchase even if a company suspended their order over concerns of possible fraud, according to TransUnion's 2019 Holiday Retail Fraud Survey.
Examine that gift card before you buy it
Con artists make millions of dollars going to major retailers to engage in a variety of gift card scams.
"Look for gift cards that are either near, at or behind the register, or those that need to be loaded with funds before they're usable," said Brian Krebs, who writes a blog called "Krebs On Security" and wrote a bestseller called "Spam Nation."
He noted that most retailers and restaurants that sell gift cards allow you to order those cards via their websites — which might be a smarter option to avoid some types of fraud.
Con artists have engineered a way to steal information and tamper with gift cards inside the store. As a result, you must take time to examine the decal covering a PIN to make sure the PIN isn't visible.
Remember when it comes to decals, "thieves can easily scratch those off, and then replace the material with identical or similar decals that are sold very cheaply by the roll online," according to KrebsOnSecurity.com.
It's part of an elaborate scheme in which crooks can gather enough information off a gift card on the rack, go online to monitor the gift card account's activity at the retailer’s online portal, then strike once the cards are paid for and activated at the checkout register.
"Once a card is activated, thieves can encode that card’s data onto any card with a magnetic stripe and use that counterfeit to purchase merchandise at the retailer. The stolen goods typically are then sold online or on the street," according to KrebsOnSecurity.