Cyber Insights | December 2024

Online Shopping Scams

Scammers target online shoppers during the festive season, especially with Christmas shopping and Boxing Day sales.

Criminals create fake websites to look like well-known brands. They pretend to sell products at unusually low prices and may write fake reviews to make the website look legitimate.

This year, the National Anti-Scam Centre in the USA has removed or limited access to thousands of investment, phishing, and online shopping scam websites. About 50 percent of fake or malicious websites taken down in the last three months have been running online shopping scams.

How to Spot the Scam

Products are for sale at unusually low prices compared to other websites.

Reviews are only positive and don’t have a lot of detail.

The website doesn’t have any terms and conditions, ABN or privacy policy.

You are told to pay in an unusual way. This could be by money order, pre-loaded card or a request to pay multiple PayIDs or accounts.

How the Scam Works

Scammers set up fake profiles and fake websites that imitate real brands. These websites may have URLs and page designs that look the same as real shopping websites.

You make a purchase thinking you’ve bought from a legitimate store or brand but instead you’ve entered personal and financial details into a scam website.

You lose your money, but no goods are delivered. Your personal and financial details are now compromised.

What you should know

There are simple steps you can take to help avoid online shopping scams:

• Do some research on the seller before clicking straight to the website.
• Compare prices with other websites.
• Search for independent reviews on other websites.
• Keep the operating system and apps on your device or computer up to date.

Exploit: Hacking

Industry: Healthcare

Risk to Business: MODERATE

The Australian Nursing Home Foundation, which provides community care and accommodation for elderly Chinese and Southeast Asian residents, has been listed on the Abyss ransomware gang’s dark web leak site. The group claims to have stolen 1.5 terabytes of uncompressed data and plans to publish the information on November 5. Abyss is believed to have connections to the notorious HelloKitty ransomware gang, which utilises some of its source code for its malware.?Read more here

Exploit: Hacking

Industry: Retail

Risk to Business: SEVERE

LEE, an Australian organisation selling garage lighting and equipment, was reportedly targeted by a threat actor named “joonas,” who claimed to be selling a database with 210,000 records stolen from LEE. Although details about the data or the breach are scarce, a sample shared with the listing indicates that the stolen information includes names, mobile numbers, email addresses and residential addresses.?Read more here

Advance-Fee Scams are very common, but they're often overlooked.

Cybercriminals take advantage of payout opportunities, like loans or investments, to try and steal your money or financial information. Read below to learn more about advance-fee scams and how to protect yourself.

What Are Advance Fees?

An advance fee is a payment made to a person or an organisation before receiving a loan or an investment. For example, some ATMs will charge you an advance fee before you can take money out of your account. Also, if you need a loan, some lending institutions will charge you an advance fee before you can receive the full loan amount.

What Are Advance-Fee Scams?

In an advance-fee scam, cybercriminals will send a phishing email offering you an opportunity to earn a large sum of money, usually in the form of a grant or loan. In this email, cybercriminals will tell you that you need to pay a small advance fee in order to get the money. To seem more legitimate, cybercriminals use trusted payment platforms like PayPal. If the cybercriminal receives a payment or your financial information, they usually stop all contact. The cybercriminal, your money, and the fake financial opportunity practically disappear.

What Can I Do to Stay Safe?

Follow the tips below to stay safe from advance-fee scams:

• Be cautious of unexpected payout opportunities. Remember, if something seems too good to be true, it probably is!
• If you're looking for a loan or investment opportunity, work with well-known financial institutions. Then, speak to a legitimate representative to find out if an advance fee is needed.
• Always think before you click. Cyberattacks are designed to catch you off guard and trick you into clicking impulsively.

If you would like to discuss your cybersecurity needs, book a complimentary consultation here