The festival of Diwali is just days away, and for Indians everywhere, it means cherry-picking the best buys from an explosion of online shopping offers. However, in this day and age, a dealfest also means that cyber-crooks are just as much out there, picking their targets, which could well be you or I.
The recent conviction of a Thai woman in Singapore — in a luxury goods shopping website scam — is yet another reminder of how close to the precipice of online fraud we always are.
Pansuk Siriwipa and her Singaporean husband Pi Jiapeng, both 29, had started an online business of reselling luxury goods that was legitimate at first, but quickly descended into a spiral of mala fide transactions that left 166 victims cheated out of more than SGD 12 million.
These victims had spotted deals on Tradenation (luxury watches) and Tradeluxury (luxury bags) and made full payments while placing orders. The scamster woman continued taking payments from online shoppers even though she knew could no longer fulfil orders, as her supply chain was broken.
In the run-up to Diwali 2024, several news websites and financial service firms are publishing advice on dodging the e-commerce scam bullet.
Ashok Hariharan, CEO and co-founder of the identity verification startup IDfy, said in an interview with Moneycontrol, that awareness was “essential for online safety”, adding that shoppers “should check for some common characteristics before making online transactions”.
Poonawalla Fincorp, a Non-Banking Finance Company, ran a blog headlined ‘Get Smarter and Protect Yourself from Scams This Diwali’ that listed some common types of e-commerce scams:
● The Bogus URL/Website Scam: These are pretend e-commerce websites mimicking the websites of original e-retailers. Consumers are usually driven to these fake sites via phishing links promising great offers. Diwali shoppers are highly at risk of becoming phishing targets. Clicking on such links, going into the website, and trying to make a purchase means handing over valuable personal and financial data to scammers.
● The Prize and Gift Scam: As consumers loosen their purse strings during Diwali, their phone numbers and e-mail IDs — already available through multiple public channels — become pathways for fraudsters, who send prize and gift notifications in the form of direct calls, e-mail, or text messages. Claiming the ‘gift’ requires a consumer to divulge data that are then used to fleece the victim.
The blog said: “Several URLs ending with .cn (the Chinese domain), especially those that redirect, are known scammers. Moreover, many URL domains ending with .xyz and .top are also well-known for scams. To find out if a website is legit or a scam, you can use a website checker tool such as Google’s Safe Browsing Site Status.”
● The Fake Charity Scam: As Diwali is the time for giving, many Indians are more generous than usual when they receive charity donation appeals. Fraudsters use this sentiment to create fake appeals that are then distributed via any number of social networks, directing the targeted consumers to fake donation sites. Consumers who wish to celebrate Diwali by donating to a good cause, would do well to independently check the social media pages of the charity for signs of consistent work, and they could also ask close friends for information on trustworthy charities.
Moneycontrol today published a government advisory — issued by the Indian Computer Emergency Response Team (CERT-In) — alerting the public to all kinds of scams related to Diwali shopping, including cash-on-delivery (COD) scams.
In COD scams, online shoppers are lulled into a false sense of security, as they believe the cash-on-delivery option protects them from digital fraud. However, if they bought an item from a fake website, then they would be handing over their money to the delivery executive for a fake or low-quality or damaged item, or perhaps even for a parcel containing nothing but rubbish.
The delivery executive would be innocent in this case, as his/her only job is to hand over a sealed package and accept payment for it. The consumer, once he/she discovers the scam after opening the package, would find that the so-called e-commerce site, from where the item was purchased, would not respond to e-mails or calls from the customer. This would mean both a financial loss and an emotional scar for the consumer. Therefore, identifying the correct e-commerce platform is the best preventive measure one can take.
Some of the key actions for online shopping scam prevention are:
- Download shopping apps only from Google Play (for Android) and App Store (for Apple devices), as you are assured of genuine apps.
- Never click on shopping website links sent by text message, WhatsApp, Facebook Messenger, or some other social network as these could well be spurious links sent for phishing scams.
- Check for the green padlock and “https”, which stands for Hypertext Transfer Protocol Secure, at the start of the URL on the payment page of a website. No green padlock and no “https”? Back off, as the personal data you must enter to make the payment are not secure.
- Rather than follow the ‘Shop Now’ link on a Facebook ad for garments or gifts, independently search for the name of the e-retailer on your preferred search engine, so that it takes you directly to the e-commerce website.
- Check an e-commerce website thoroughly, if using it for the first time, to see if it looks professionally made; if it has a clear shipping and refunds policy page; if it has a helpline number; and if it has enough customer reviews for its products.
Black Friday scams to follow Diwali shopping scams
Like Diwali, another big date on the online shopping calendar is Black Friday, or the Friday after Thanksgiving, which falls on Thursday, November 28, this year. In a blog published last year, titled ‘7 Black Friday scams + how to avoid them in 2023’, the cyber-security company Norton said: “Black Friday draws millions of holiday shoppers seeking to score deals, compete for hot products, and cross names off their shopping lists. In 2022, American shoppers spent more than $9 billion on Black Friday alone.
“Regrettably, this flurry of shopping activity also attracts scammers looking to cash in, and the trends in consumer fraud are not encouraging. According to the [Federal Trade Commission], consumers lost more than $8 billion to scams in 2022, a 30% rise over the previous year.”
The Norton blog listed the following scams related to Black Friday:
- Non-delivery scam
- Gift card scam
- Fake charity scam
- Fake order scam
- Fake website scam
- Fake delivery scam
- Account verification scam
All of these scams have one common basis: consumers unwittingly engaging with fraudsters, believing them to be genuine e-retailers. Since there is little or no remedy for money lost in shopping scams, safeguarding your cash begins with exercising extreme caution at every step: from identifying the e-retailer to making the final payment.