Black Friday warning for South African shoppers

Online scams are becoming increasingly sophisticated, with fraudsters taking advantage of the same strategies retailers use to sell products to consumers on Black Friday.

This is according to Brian Pinnock, VP of sales engineering at Mimecast South Africa, who told Cape Talk that the stigma that victims are at fault for falling for scams must be removed.

“If you do fall for a scam, it’s got nothing to do with stupidity. It actually has to do with how our brains work,” Pinnock said.

“Unfortunately, during Black Friday, retailers exploit the same part of your brain that the fraudsters do.”

Pinnock explains that this is the impulsive part of the brain that thinks very quickly and is very intuitive, causing people to act on a decision without giving it much thought.

He says the best way to overcome the manipulation of this tendency is to give the purchase decision some thought and sleep on it.

Fraudsters have also become far more sophisticated than they were in 2023, employing advanced tactics to make their scams seem more believable, according to Pinnock.

“These fraudsters are businesses and are run like call centres, investing money in things like advertising and human resources,” he said.

“The difference this year is that they use artificial intelligence as a force multiplier to allow the scams to work at scale.”

He says that AI does all the heavy lifting by finding potential victims, and then humans are brought into the equation, cutting down on the cost of these operations.

They also advertise deals on social media and redirect users to a legitimate-looking website when they click on it.

Pinnock said some of these websites can often be legitimate, further confusing matters. He said the best way to determine whether it is a scam is to scan the URL.

Users can use VirusTotal or the South African Fraud Prevention Service’s Yima website to do so.

Another indicator of potential fraud is if a user is not redirected to their bank’s 3D secure page or mobile app to confirm the transaction.

3D Secure adds an additional layer of security to online transactions by requiring two-factor authentication.

The South African Banking Risk Centre suggests that shoppers choose a strong password or passphrase when registering on a secure site and never save it on any device. The same goes for payment credentials.

For most people, remembering strong and unique passwords for every sensitive website they have an account at is impossible, so it is advisable to use a reputed password manager.

Considering that these fake websites aim to steal personal information, it is never a good idea to share personal information such as ID numbers or date of birth — something retailers don’t need to process an order.

An example of how one of these scams can play out is a scam that went live last week replicating a Checkers website.

The site’s URL was checkershypersa.co.za, whereas the actual website is checkers.co.za.

MyBroadband contacted Shoprite, and it confirmed that the site was fraudulent.

The site contained several electronic goods, all advertised at discounted prices, most of which were 50% off.

However, a consumer who expects to find several significant deals may not see the site as a red flag, and sometimes, there is no definite way to know.

When the site was run through both of the abovementioned tools to determine whether it was legitimate, neither flagged it as a scam.

Therefore, it’s often best to ignore the need for immediate gratification and carefully investigate a site and the deals it is offering before giving it your payment details.

“When transacting online, you have to be proactive. You have to do your homework and understand who you are contracting with,” said Consumer Goods and Services Ombudsman Lee Soobrathi.

“Make sure you do your best to protect yourself, and while we can’t 100% avoid these fraudulent websites, the proactive approach is best. If you get an inkling that something is wrong, we would suggest staying away from it and not transacting at all.”