Online shopping is becoming more popular — and so, too, are fraudulent websites designed to scam shoppers. Learn about the precautions you can take to avoid becoming the next victim.
When shopping online, it is good remember the adage “If something sounds too good to be true, it probably is.” That’s because fraudulent websites touting significantly discounted prices for popular products are common — and social media platforms and online search engines are increasingly directing people to them, according a security alert issued by the US Federal Bureau of Investigation (FBI). The FBI has been receiving numerous complaints from victimized online shoppers. In some cases, they purchased but never received items. In other cases, they received their orders but the items were not as promised. The victims, many of which were unable to get their money back, reported that they were led to the fraudulent sites by ads they saw on social media platforms and by search results when they were searching for specific items on the “Shopping” pages of popular online search engines.
Although fraudulent sites are common, there are precautions you can take to avoid becoming a scam victim. The measures to take depend on whether you are shopping on a seller’s dedicated site or shopping in an online marketplace.
Checking a Seller with a Dedicated Site
With website content management systems like WordPress, Wix, and Shopify, online scammers can quickly and easily create dedicated sites to hawk their wares. These sites often look and function as well as any legitimate site, making them hard to spot at first glance. However, with a little investigative work, you can usually uncover the truth.
Before making a purchase from a site you have never used before, it is a good idea to:
- Look at the site’s top-level domain. Be wary of sites that end in “.club” and “.top”. The FBI noted that these two top-level domains were often used for fake sites. However, you cannot assume that a site is legitimate just because its web address ends in a common top-level domain such as “.com”. Online scammers create shady “.com” sites as well.
- Avoid the assumption that a site is legitimate just because it starts with “https”. Digital scammers are increasingly creating HTTP Secure (HTTPS) sites to lull online shoppers into a false sense of security. When some people see the “https” designation and the accompanying padlock icon in their web browser’s address bar, they assume that the site is legitimate. That is not always the case. The “https” designation simply indicates that any data sent between the browser and the site is encrypted.
- Check the information listed on the seller’s “Contact Us” page. Confirm whether the physical address and phone number are legitimate. Also check the email address. Be wary of sellers using a free email service for business emails.
- Check the site’s content. When creating their sites, unscrupulous sellers sometimes use content they copied from other sites. For instance, a seller creating a fake site that supposedly offers name-brand laptops at really cheap prices might copy the laptops’ descriptions and images from legitimate retailers’ or manufacturers’ sites.
- Investigate the seller further if you have any suspicions. For example, one possible resource is the Better Business Bureau (BBB). Check to see if the seller has been rated, been reviewed, or received any complaints. You can also use the BBB Scam Tracker to see if anyone has reported a scam involving the seller. Another possible resource is a free Whois public Internet directory like Whois Domain Lookup. Whois directories contain domain registration data. By searching on the domain name of the seller’s site, you can find out more information about the site, such as when it was registered and the registrant’s contact information. You should be wary of domains registered within the last six months, according to the FBI. Online scammers tend to quickly set up and then take down their sites. You should also be cautious of sellers not listed in the directory. Unscrupulous sellers sometimes use a private domain registration service to avoid having their personal information published in Whois directories.
Checking a Seller in an Online Marketplace
In an online marketplace (e.g., Amazon Marketplace, Walmart Marketplace, eBay), numerous third-party sellers offer products and services. While these sellers are responsible for what is displayed on their specific web pages, they are not involved in creating, registering, or managing the marketplace site. Thus, some of the precautions just discussed do not apply.
Here are some actions that you can take to avoid being scammed by sellers in online marketplaces:
- Check the seller’s web pages for copied content. As with dedicated sites, finding a lot of content copied from other sites might indicate the web pages are fraudulent.
- Do not blindly trust customer reviews. One feature found in many online marketplaces is customer ratings and reviews. However, many ratings and reviews are bogus, according to a 2020 study. Some sellers provide free products or money for positive reviews, while others pay people to post negative comments about competitors’ offerings in the online marketplace. Unfortunately, fake reviews are getting harder to manually spot because unscrupulous sellers are getting more devious. For instance, they have the bogus reviewers actually buy their products in the online marketplace so that the reviews are flagged as verified purchases, but then the seller reimburses the reviewers for the products once the positive reviews are posted. There are a few websites (e.g., ReviewMeta) and web browser extensions (e.g., Fakespot) that you can use to help identify fake reviews in certain online marketplaces.
- Investigate the seller further if you have any suspicions. For example, you can use the BBB Scam Tracker as well as check the BBB’s site to see if the seller has been rated, been reviewed, or received any complaints.
Another Concern to Keep in Mind
Scams are not the only concern you need to keep in mind when shopping online. Ads on social media platforms and search engine results might link to fake seller websites designed to install malware on the devices of the people who visit them. We can make sure your devices are properly patched and secured, which will mitigate the risk those type of attacks will succeed.