This year, the Black Friday date is November 23, 2012. Looking for Walmart, Target, Kmart or Best Buy Black Friday 2012 ads leaked online? Be careful that you don’t download a computer virus instead. Fraudsters often exploit familiar, trustworthy corporate brand names to fool victims.
You may think Best Buy has sent you an email with Black Friday discount coupons, but it’s actually a phishing scheme designed to steal your personal information or install malware on your PC. That’s why the Scambook Blog is here. Keep reading to find out about Black Friday online scams and how you can protect yourself.
Although phishing, hacking and other security threats are year-round risks, online fraud always peaks during holidays and shopping events like Black Friday. Scambook predicts that Black Friday 2012 (and Cyber Monday) will see a significant spike in fraud.
We’ve already talked about the massive Free $1000 Best Buy Gift Card text message scam, also known as BestBuyContest.com and BestBuyWin.net, which we predict will cause over $40,000 in damages before the holiday season is over.
Then, there’s retail fraud surrounding hot gift items like Furby dolls and Microsoft Surface tablet PCs. But Black Friday scams take multiple forms.
Phishing in Your Inbox
In previous years, a spam email has circulated in early November with a subject line that
Phishing emails use many strategies to “fish” for your personal or financial information, often exploiting popular trends like Black Friday.
displays some variation of the phrase “leaked Black Friday ads.” The message, originating from a variety of senders, contained an email attachment that claimed to reveal Black Friday sales items for retailers like Walmart, Target and Best Buy.
If downloaded, however, the attachment installs a virus or other malware on your computer. It may also hijack your email account and send the fraudulent message to your email contacts, posing as you.
Sometimes, these emails don’t include an attachment, but they trick you to send a reply with your personal or financial data. They may also send you to an external website that looks legitimate, yet exploits security holes in your web browser and installs a Trojan virus, keylogger, spyware or other malicious software.
Video Player Update Proves False
Security threats may also take the form of a phony YouTube video. You may encounter these in a link from a phishing email, sent to you by a spambot account on Twitter or other social media or even posted by a friend whose Facebook account has been hacked.
Phony video fraud is a popular scheme during the holidays, when your friends and family are more likely to reach out to you and share seasonal video clips.
You might see a video with an innocent title like “Black Friday Shopping Tips” or “Best Holiday Deals 2012.” It might spoof YouTube’s design so well that you won’t realize it’s fake.You click “play,” but a notification window pops up: You need to install the latest Adobe update before you can watch the video.
Unfortunately, by clicking “play,” you may have already installed something without your knowledge or permission — but agreeing to the fake update will virtually guarantee that your computer becomes infected with a virus or other malware.
Google Searches Can Pose a Threat, Too
In 2010, cyber criminals polluted search engines like Google by hiding malicious websites among legitimate search results. One bad site was linked to the keywords “Best Buy Black Friday 2010 Deals.”
But what if you’re just searching on Google, Bing or Yahoo? If you find the website yourself in a list of search results, it’s got to be safe, right? Wrong. Fraudsters can pollute search engines using a technique known as “blackhat SEO,” which means their fake site shows up next to all the legitimate results for terms like “Walmart Black Friday Sales 2010” or “Cyber Monday.” Online security experts discovered a number of these sites in previous years. Although search engines are constantly improving their security, malicious links can still sneak in.
Often, the attack varies depending on your computer and your web browser. A fake site associated with the keywords “Best Buy Black Friday 2010 Deals” used secret embedded javascript to detect Internet Explorer users. If you were using IE, the website would send you a fake anti-virus notification, trying to convince you that you needed to install something called “Internet Security Suite” to protect your system. However, the so-called Internet Security Suite turned out to be the virus itself!
Scambook’s Advice for Black Friday Cyber Shoppers
If you’re hunting for Black Friday 2012 early bird deals online, use caution.
Always use a secure Internet browser like Google Chrome or Mozilla Firefox and make sure it’s up to date. Do the same for your computer’s firewall and your anti-virus software. If you don’t have anti-virus software already, try AVG or Avira. They’re both free.
Never open email attachments you aren’t expecting, especially if you don’t recognize the sender. You should also be suspicious of links to outside websites or videos, as well as any emails that require personal information. Even if an email claims to be an official message from sites like eBay or PayPal, don’t respond if they ask for your user password, financial account information or credit card number. Legitimate sites will never request this information via email.
Finally, don’t install “updates” or “security software” just because some random website asks you to. If a video tells you to install the Adobe Flash Player, don’t click “yes.” Instead, close your browser, open a brand new window, and go to Adobe.com to get the update directly — if there really is an update, that is.
But should you shop on Black Friday 2012 at all? Next week, Scambook TV host Kevan will bring you some shocking reasons about why you might want to skip Black Friday completely and just sleep off your Thanksgiving turkey. Stay tuned!
See Also
4 Reasons Why It’s Better to Use Your Credit Card for Holiday Shopping
Use a Prepaid Card This Cyber Monday for Safer Shopping and to Stay On Budget
4 Quick Tips to Get the Most Value Out of After Christmas Sales
[…] First, let’s take a look at the cybercriminal schemes. […]
[…] “Leaked” Black Friday deals. If you received a link to Black Friday deals from a trusted retailer like Target or Walmart before those deals were available to anyone else, wouldn’t you click on it? Not so fast. These stores don’t have preferred Black Friday shopper programs, and those links are malicious. This Black Friday scam appeared last year, and it’s already popping up again in 2012. […]