Why Online Scams Are Booming

More virtual shopping makes better targets

Key Takeaways

  • Scams involving online shopping are on the rise, according to cybersecurity experts. 
  • There are also a growing number of fraud cases associated with COVID-19 vaccines. 
  • You should always check the sender’s email address to see if it is from an official account.
Someone shopping online on a laptop and smart phone.

wera Rodsawang / Getty Images

Internet commerce is booming, but so are scams aimed at web shoppers. 

Cybersecurity firm Trend Micro has found a recent surge in Amazon scams and COVID vaccine deceptions. The report is part of a growing body of evidence that fraud of all kinds is burgeoning on the web. Experts say there are ways to protect yourself. 

"Remember, if it looks too good to be true, it probably is," Paige Hanson, NortonLifeLock’s chief of cyber safety education, said in an email interview.

"Cybercriminals are experts at creating fake sites, emails, or profiles that look identical to legitimate people or online shops. Make sure that you’re certain before clicking a link or opening a file to avoid getting scammed."

Watch Where You Click

The pandemic was a boon for many internet-based businesses, including Amazon, which recently reported a 200% growth in revenue.  With so many more people shopping online, cybercriminals are on the prowl, Lynette Owens, the global director of internet safety at Trend Micro, said in an email interview.

The most common scams include phishing emails, links to malicious websites, robocall scams, and gift card scams. 

Phishing emails often come in the form of fake order or refund notifications, and contain an attachment or link leading to a malicious website that requests the victim’s information or directs the user to unknowingly download malware. 

A billboard against a dark, cloudy sky, that looks like a street sign that reads "Cyber Attach Just Ahead.

alexsl / Getty Images

"These fake emails also can take the form of gift card scams, where a message includes a gift certificate that users must redeem by clicking on a phishing button," Owens said 

Scammers also rely on human error through typosquatting, which involves crafting a fake, malicious URL that closely resembles Amazon’s, hoping that users will make an error when inputting the website address into their browser and begin using the site as if it were the real thing.

According to Trend Micro’s research, some scammers will pose as customer service representatives and call you, claiming a problem with your account, membership, or recent orders. They will then request you to take action, such as paying money or changing your account settings.

Cybersecurity lawyer Todd Kartchner said in an email interview that his firm has recently seen more scams involving COVID-19 vaccinations. Scammers have been contacting people through online ads, phone calls, or social media, offering to sell vaccines.

In getting people to sign up for vaccinations, they attempt to solicit personal information they can use to steal that person’s identity and get credit card numbers or bank account information.  

"People need to know vaccinations are not for sale and that they should only sign up for vaccinations through federal or state-approved sources," Kartchner added.

"People should also be wary about posting their vaccination card information online. Their cards contain personal information that scammers may try to use for identity theft."

How to Protect Your Info

A healthy dose of skepticism goes a long way towards protecting yourself from online scams, experts say. 

"These fake emails can also take the form of gift card scams, where a message includes a gift certificate that users must redeem by clicking on a phishing button."

You should always check the sender’s email address to see if the email came from an official account, Owens said. Cybercriminals may sometimes use a zero in place of an O to confuse users.

Got an offer of a great deal in an email? Go directly to the sender’s website and check your account, instead of clicking on links from a suspicious email from a vendor.

Hover your cursor over (but do not click) the link embedded in the email, Owens suggests. This link usually reveals the URL that the link will actually go to. Do not open any attachments until you can confirm the email is legitimate, Owens said. 

"The most important thing people can do to protect themselves from potential scams is to stop and think before you give anyone your personal information or pay for something online," Kartchner said. "Do some research if you are getting requests from an unknown source."

Was this page helpful?