Black Friday is one of the biggest retail sales days, with deals on headphones, TVs, clothing, etc. It marks the start of the Christmas shopping season. Scammers work all year long, but during the holidays, Black Friday Scams happen when people are more likely to spend money.

Scams come in all shapes and sizes. When stores like Amazon, Best Buy, and Walmart offer deals during the holidays, fraudsters set up fancy websites to trick you into spending money on products you’ll never get. Thieves may send you text messages or emails saying you can get a refund for something you never bought. They do this to get your credit card information. You might even be persuaded to give money to a charity that helps homeless puppies find homes, only to find out that it doesn’t exist.

See Rhyno Cybersecurity in Action

Here are the top 5 scams to watch out for in 2022.

1) Fake Order Scam

This time of year, it can be hard to keep track of all the packages you have on the way. You may have a bunch of them arriving at any given time, and scammers will try to sneak in by sending you fake order confirmations by mail or text message on your phone. Then, with an email attachment or a link to a fake website, they’ll try to get you to download malware or visit a site that tries to steal your identity.

Since these messages can look very real, the best place to check on your orders is on the site where you bought them. Don’t click on any links or attachments you get. Instead, go straight to the websites where you ordered.

2) Fake Tracking Number Scam

This scam is similar to the fake order scam, but this time the bad guys will send a fake package tracking or “non-delivery” issue notice, again as a link or an attachment. First of all, real stores do not send tracking numbers in a file attachment. So if you see something like that, you can be sure it’s a trick to get malware onto your computer. In the case of a link, the scammers want to send you to a website that will steal your personal information, as in the case above.

Again, going to the source is the best way to track your packages. You can find out where your package is by going to the online store where you made the purchase, opening your current orders, and looking at the tracking information there.

3) Fake Website or Mobile App Scams

Scammers often use “typosquatting,” which is when they make fake email addresses and URLs that look a lot like the real addresses of companies and retailers. They are so similar you might not notice them. They often show up in phishing emails. Instead of taking you to a website with great deals, they can send you to fake sites that steal your login information, payment information, or even your money if you try to order something through them.

You can avoid these sites by going straight to the store’s website. Be wary if you get a link in an email, text, or direct message. It’s best to go to the site yourself by typing in the real address and looking for the deal there.

4) Hot Deal Scams

The idea of limited-time-offer, fire sales is at the heart of holiday shopping. And con artists love it when things are scarce. There’s always a popular holiday item that’s hard to find, and scammers will make fake websites and deals around those items to get you to trust them. They could pretend to be an actual store by using the typosquatting method, or they could set up a site with their brand to look authentic on their own (or at least try). Either way, these scams can hurt you in two ways: you’ll pay for the goods but never get them, and the scammers will now have your payment information and address, which they can use to commit more fraud.

If the price, availability, and delivery time for the item seem too good to be true, it may be a scam to get your personal information and bank accounts. So be careful before you click here. If you need more clarification on a product or store, you can find out if it’s real by reading reviews on reputable websites. (The Better Business Bureau is an excellent place to start.)

5) Charity Fraud

Donating to charities in your name or in the name of someone else is a popular holiday act of kindness. Unfortunately, scammers also know this, which is why they set up fake charities to make money. A pitch that tells you to “act now” is one sign that a fake charity has contacted you. A good charity will tell you why they need your money but won’t force you to give. Also, fake charities will ask for payment in the form of gift cards, wire transfers (like Western Union), money orders, or even cryptocurrency. This is because it’s nearly impossible to get your money back once you send it and find out you were scammed.

There are many ways to donate to real charities. The Government of Canada has a great website with a list of accredited charities to help you ensure your money goes to the right place.

So, how can I ensure I don’t get ripped off on Black Friday or Cyber Monday?

Some of it requires a sharp eye that can spot these scams as they pop up in your inbox, texts, social media feed, and so on. You can still stay safe when shopping on Black Friday, Cyber Monday, or any other day.

Stick with online stores that are well-known and legitimate.

This one is an excellent place to start. One of the best ways to avoid scammers online is to type in the correct address for online stores and shops. The Better Business Bureau (BBB) asks shoppers who don’t know much about a store to do research and make sure that the store has a good reputation. This is made easier by the BBB, which has a list of stores that you can search by just typing in their name.

Look for the lock icon in your web browser when you shop online.

The address of a secure website starts with “https,” not just “http.” The “s” means that the website uses a secure protocol to send sensitive information. It usually looks like a small padlock in your browser’s address bar, so look for that. If you can’t tell that it’s safe, it’s best not to buy anything from that site.

Use your credit card instead of your bank card to pay.

The Fair Credit Billing Act protects people from fraudulent charges on their credit cards. People can dispute charges over $50 for goods and services that were never delivered or were billed wrongly. Keep in mind that many credit card companies have their own rules that are better than the Fair Credit Billing Act. But debit cards are not protected in the same way by the Act. Don’t use a debit card to buy things online; instead, use a credit card.

Use accounts with two-factor authentication.

In addition to your username and password, two-factor authentication is an extra layer of security. It adds the need for a one-time-use code to get into your account. This code is usually sent to you by email, text message, or phone call. Overall, it combines something you know, like a password, with something you have, like a smartphone. Together, these things make it harder for someone to break into your account. If any of your accounts support two-factor authentication, the few extra seconds it takes to set up are more than worth the big boost in security you’ll get.

If you shop on public Wi-Fi, use a VPN.

Public Wi-Fi in coffee shops and other public places is open to everyone, so anyone can look at what you do on those networks. A virtual private network (VPN) encrypts your browsing, shopping, and internet traffic. This keeps your passwords and credit card numbers safe from people trying to steal them from public Wi-Fi networks.

A VPN also hides your location and IP address and uses encryption to keep your activities secret. Because of this, companies and data brokers may be able to find out much less about you, your shopping, your travels, your habits, and anything else they could learn about you and use to make money.

Clean up your online information.

That is correct. Your information is gathered, purchased, and solidified online. In reality, personal information powers a worldwide data trade industry worth USD 200 billion every year. These sites, which are run by data brokers that retain hundreds or even thousands of data points on billions of individuals, collect, analyze, purchase, and sell this information to other firms as well as marketers. Similarly, these data brokers may sell this information to bad actors like hackers, spammers, and identity thieves who will use it for their own goals.

Getting your information erased from these sites might seem to be a challenging undertaking. (Where do I begin, and how many of these sites are there?) Our Personal Data Cleanup can assist by scanning these high-risk data broker sites regularly for information such as your home address, date of birth, and names of relatives. It determines which sites are selling your data and, depending on your package, requests removal automatically.

Keep your identity safe from identity thieves.

The dark web is another place where personal information is bought, sold, stored, and exchanged. The difficulty is that it’s especially difficult to establish what, if any, of your information is on the dark web, where hackers and criminals may access it. Identity monitoring may be beneficial. McAfee’s identity monitoring protects your personal information by alerting you if your data is discovered on the dark web an average of 10 months before our competitors.

Depending on your area, monitored data might vary from bank account and credit card information to email addresses and government ID numbers. If your information is discovered, you’ll get an alert with measures you may take to mitigate or even avoid harm if it hasn’t already been used illegally.

Keep track of your credit.

Keeping track of your bills and statements as they arrive can assist you in detecting unusual activity on your accounts. A credit monitoring service may improve on that by checking your credit report daily. However, there are certain restrictions to doing this manually. First, you must log into each bureau and conduct your own research. Second, the number of free credit reports you may get each year is limited. A firm may accomplish this for you without affecting your credit score.

Sharing is Caring!

You are welcome to put this blog article on your website, provided you also append an active link to our website “Source: https://resources.rhyno.io”

For media enquiries, contact us at [email protected].


Rhyno delivers a range of activities that combine to fully protect your infrastructure and data from cybercriminals, anywhere and everywhere, 24/7/365.


About Rhyno Cybersecurity Services

Rhyno Cybersecurity is a Canadian-based company focusing on 24/7 Managed Detection and Response, Penetration Testing, Enterprise Cloud, and Cybersecurity Solutions for small and midsize businesses.

Our products and services are robust, innovative, and cost-effective. Underpinned by our 24x7x365 Security Operations Centre (SOC), our experts ensure you have access to cybersecurity expertise when you need it the most.

This website uses cookies to improve your online experience. By continuing, we will assume that you are agreeing to our use of cookies. For more information, visit our Cookie Policy.

Privacy Preference Center