Image credit: Getty/zamrznutitonovi
Black Friday is the biggest online shopping day of the year, and it's also a prime time for scammers to try to take advantage of consumers.
It's a growing problem. UK Finance data shows that £42 million was lost to purchase fraud in the first half of 2024 – and with almost 70,000 cases that averages 375 cases every day.
“Regrettably, cyber criminals view this time of year as an opportunity to scam people out of their hard-earned cash,” says Felicity Oswald, Chief Operating Officer at the National Cyber Security Centre (NCSC).
“The increased availability and capability of technology like large language models is making scams more convincing.”
What's new in 2024 is that UK consumers now have more protection under "authorised push payment" rules which means that you should get a refund from your bank.
But there are still exceptions, including international payments, or if the bank thinks you were "grossly negligent" - and any refunds can be subject to an excess of up to £100.
So if you don’t want to fall foul of a Black Friday scam, make sure you follow this expert advice.
During the Black Friday deals, our inboxes are flooded with a surge of emails from retailers, enticing us to part with our cash – however, this gives fraudsters a way in.
“Black Friday gives scammers the ideal opportunity to use tactics such as phishing emails, text messages or impersonating websites to advertise fake deals and ultimately steal your personal information,” says Liz Hunter, Director at Money Expert.
One favourite trick of scammers is to send out text messages claiming to be a representative of the brand you’ve recently bought from.
“Such texts request information or claim a refund is due and usually contain links,” says Guy Bauman, Co-Founder and CMO of security app Ironvest.
“Never engage with these types of messages. Instead, log in to your account to review if there are any issues with your recent orders.”
If you do suspect you’ve received a fraudulent email or text, block the user and delete the message. You might also be able to report it.
“Some email providers do enable you to report spam or phishing, which is always worth considering, as it can help stop scammers in their tracks,” advises Hunter.
Can you tell if an email is fake?
Unfortunately, scammers are getting more sophisticated, however, there are some tell-tale signs that the email is fake.
Mistakes: If you notice lots of spelling or grammar mistakes in the email, it’s probably not going to be genuine.
Dodgy email addresses: Some scammers also ‘mask’ their email address. It may look like the email comes from an official email address, but often this hides the real details. There’s an easy to way to check though.
“You can do this by clicking on the sender to see the email address it’s come from,” says Hunter. “Watch out for any misspellings or strange, unrelated email addresses. If you’re unsure, go directly to the retailer’s website instead.”
False urgency: Be wary any time someone tries to convince you that you must act now. Scammers love to use this tactic to persuade you to do what they want.
Asking to pay over the phone: Sometimes you may get an email from a retailer asking you to contact them and pay over the phone. Never do this. No genuine retailer will ask you to do this.
You can tell if a website is secure by looking for the padlock icon next to the URL in your browser's address bar.
The lock icon indicates that the website is using an SSL certificate. When you see the lock icon, you can be sure that your connection to the website is secure.
It still doesn’t mean that the website is reputable or legitimate, but it does mean the connection is.
As with emails and text messages, beware of websites with poor design or grammar errors. Legitimate businesses typically invest in professional-looking websites.
If a website looks like it was thrown together in a hurry, or if it has a lot of grammar and spelling errors, it's possible that it's a scam website.
If you're still unsure whether a website is secure, it's always best to err on the side of caution and avoid it.
There are plenty of other websites out there that you can use without putting your security at risk.
If you want to check if a site is genuine, try using an online tool, such as F-Secure’s Online Shopping Checker.
This allows you to test any online store’s URL to confirm if it's legitimate. Not only does it detect the reliability of the store, but it also shows trust ratings so you can get all the information you need before making a purchase.
Buying via social media sites puts you at an increased risk of scams. According to TSB, Facebook accounts for two thirds (67%) of all purchase fraud losses by volume, and 59 percent by value. This is followed by Instagram, which accounts for 16% of purchase fraud by volume, and almost a third (29%) by value.
Fraudsters often exploit this avenue by creating fake profiles or pages that closely resemble legitimate businesses.
This deception can lead unsuspecting users to believe they are making a purchase from a reputable company, only to discover they are dealing with an imposter who may misuse their personal and financial information.
Social media platforms, unlike traditional e-commerce websites, frequently fall short in providing adequate buyer protection, which is why you can fall foul of Black Friday scams so easily.
This deficiency means that should issues arise with your order, obtaining a refund or replacement may prove challenging.
“With so many shopping options across social media platforms, these retailers are really not set up to protect consumers’ personal data,” says Bauman.
If you’ve seen something you love being advertised or promoted on social media, it's prudent to take extra steps for security.
Instead of making a direct purchase through the platform, consider finding the product details and conducting a separate search on the retailer's official website or visit the physical store.
Nicola Bannister, Director of Customer Support at TSB, said: “At this time of year, we’re all shopping online more than ever – but it’s important to be wary of scams on social media platforms, as crooks are listing items that simply don’t exist.
“We’d advise sticking to reputable websites and only buying an item you’ve found on a social media platform if you can view it in person first.”
Certain types of purchases are at higher risk of scams than others. According to TSB, these are the most commonly scammed items - so think extra-carefully if you're buying one of these:
Almost half (48%) of purchase fraud cases are £100 or less.
It’s so tempting to reuse the same password for multiple accounts, but it's a risky habit. If one account is hacked, attackers could gain access to all of your accounts.
The best way to protect your accounts is to use a unique, strong password for each one.
You should also change your passwords regularly, especially if there is a data breach at a company where you have an account.
Passwords don't need to be complex. In fact, a three-word passphrase is just as secure as a longer password with a mix of upper and lowercase letters, numbers, and symbols. Just choose three random words that are meaningful to you and easy to remember.
The safest way to shop online – or even in store – is by using a credit card. This is because, unlike debit cards, they are protected by Section 75 of consumer credit law.
Basically, if you buy something with your credit card and it’s faulty, broken, or never arrives, you have the right to claim the costs back through your credit card provider. It also covers you if the company goes bust.
Using a credit card is also less risky if your details are stolen. As it’s not linked to your bank account, you won’t have to worry about further fraudulent activity on the money in your account.
If you’ve only got a debit card, you may be able to apply for chargeback, a voluntary scheme, which enables you to dispute a card transaction and request your money back for something you've paid for.
This isn't just helpful for scams - it's also worth trying when goods aren't delivered, or if the seller goes into administration. There’s no guarantee you’ll get the money back though.
New rules on authorised push payments mean that if you've sent money using a bank transfer, you can ask your bank for the money back if you've been a victim of fraud.
For online shopping, payment apps like PayPal, Google Pay, and Apple Pay offer security features including tokenisation. This is where they hide the payment information so retailers (and scammers) can’t see them.
This helps to protect you from fraud in case the retailer's website is hacked. Some of them will also require multi-factor authentication (such as a code or your fingerprint or face) when logging on, which protects the payment further.
Additionally, they offer their own dispute resolution mechanisms in case of any issues.
If you pay with a money transfer service like MoneyGram, PayPoint or Western Union, it's unlikely you'll be able to get your money back if you're a victim of fraud. If you use vouchers or gift cards to pay, and it turns out to be fraud, it's also unlikely you'll get your money back.
Never give the numbers on the back of a gift card or voucher to someone you don't know.
Limit the sharing of your personal information to trusted retailers, and even then, there's no need to divulge your entire life story!
While there are mandatory details marked with an asterisk for purchase, you can generally omit any additional information. The NCSC recommends refraining from creating accounts with retailers unless it's for regular use, like your weekly supermarket shopping.
If you must create an account, consider signing in with an existing account, such as Apple or Google. This is generally the safer option.
Although it might be inconvenient to enter your card details each time, it's always safer not to save your payment information on any website. In the unfortunate event of a hack, it means your payment details won't be compromised.
The ultimate guide to Saga Puzzles, full of technical tips, tricks and hints.
With the start of the new financial year on 6 April, our money expert explains the changes to your pension, benefits and taxes.
