Far from shopping malls and commercial avenues due to the pandemic, Argentines turned to online shopping. Those who had already experienced this modality increased it. And thousands of those who had never practiced it were forced to join in the new. However, there are many who have already incorporated it as their main form of access to the consumption of daily products.
The figures surrounding the ecommerce boom in the country are disparate, but they all draw the upward arrow. They explain that in 2020 there was a activity growth of between 79% (TiendaNube) and 100.6% (emarketer).
Criminals who often move around digital platforms took note of the phenomenon and created fake sales sites, designed to steal data or money from a purchase. A) Yes, January this year saw the all-time high in the number of unique phishing site URLs globally, according to a report by the Anti-Phishing Working Group (APWG).
But in order not to fall into digital traps you can follow a series of tips for identifying if a website is secure, in order to minimize the risk of losing data or suffering a financial scam.
Buy safely on the internet
Experts advise writing the address of the site to which one is going to go and not through links. Photo: iStock
Beware of misspelled URLs. Misspelled or misleading URLs are among the most common tactics cybercriminals use to trick people into visiting their websites.
A homographic attack occurs when “threat actors register domains whose names are very similar to legitimate ones. For example, instead of facebook.com, facebool.com (on the keyboard the letter L is next to the K) “, alerts Cecilia Pastorino, a researcher at the ESET Latin America laboratory.
Even the fake website has a design that looks identical to the original to mislead the visitor.
“There was a case of a fake Mercado Libre site whose URL was mercalclo.com. They sent advertising on WhatsApp to thousands of people with a false offer. Those who clicked on the image were directed to a page identical in design to that of Mercado Libre. And there they stole your cards and the Mercado Pago user ”, adds the specialist.
Advertising campaign whose link led to a false Free Market.
Those who clicked were asked for their credit card details and even their ID.
You better write the urls. Many phishing emails include links to sites that look real and are difficult to recognize as fake.
“If you want to go to a specific website (that of your bank or a PayPal account, for example) it is better to access the site only by typing the address in the browser’s address bar, without using search engines to access the site”, they add from the security company Kaspersky.
Check if a website is malicious. If you have the feeling that there is something strange about the website you are visiting, there are different tools that can be used to verify it. Google, for example, offers Safe Browsing Site Status, where you can paste the URL of a website and the tool identifies whether the site is safe.
“Another similar option is the VirusTotal Checker, which analyzes the website address and compares it with numerous top-notch antivirus engines and web-scanning engines to indicate whether a particular URL may be malicious,” they point out in ESET.
Review your credit card movements. Online consultation of the latest credit card movements not only helps to keep track of purchases. They also give consumers the option to contact the card company if suspicious spending is detected.
Keep two-factor authentication active whenever possible. As explained by Jan Zika, web threat leader at digital security company Avast, “Two-factor authentication requires you to enter a second code along with your username and password when you log into one of your accounts.”
This code is generally sent to the phone via SMS or email address associated with your account, or it can be generated on a mobile phone through an app, such as the Google Authenticator application.
Two-factor authentication can also serve as a warning system when someone else tries to access one of your accounts and doesn’t enter the correct code.
It is convenient to check the movements of the credit cards often. Photo Shutterstock
Find contact information. Any legitimate business that is interested in building a relationship with their customers has contact information somewhere on their website for cases where something goes wrong. It usually consists of a contact form, email, postal address or telephone number.
Be careful with https. A very common rule to check if a website is secure is to check if it uses the https protocol. But this only ensures that the communications between the web server and the visitor’s browser are encrypted. This provides security against interception of information, which makes it safe to log in, but does not mean that the site is legitimate.
“Cases of sites using https to mislead people into believing that their fake sites are ‘safe’ are on the rise as criminals can easily obtain a valid certificate for their fraudulent websites, in the same way that a legitimate company ”, they explain in ESET. Thus, it is valid to take this indicator into account, but by itself it is not enough.
“Anyway, when one is sharing sensitive information such as the credit card number, when clicking on the padlock at the beginning of the browser’s address bar, and then on the word Certificate, the name should appear of the company behind the page. Checking this can give more confidence ”, indicates Pastorino.
Enter only recognized sites. There are many ways that criminals try to entice customers to buy from fake sites. Some come into contact through official e-commerce sites such as Amazon or Mercado Libre but then seek to steer the conversation away from them, for example, so that Mercado Libre is no longer responsible for the sale.
Use a security solution. “They check the links that are received by all means: mail, WhatsApp, social networks. It is the easiest way to be protected, because these softwares block access to sites that steal credentials ”, they suggest in Kasperky. It is also key to update the software of the devices, such as the operating system.
Don’t share too much personal information. “There are retail sites that ask for birthday information, your mother’s maiden name, and even your first pet’s name or income. Sometimes sites promise great deals for spreading this information, so you have to wonder if it’s worth it, “closes Jan Zika of Avast.