Retailers across Asia are preparing themselves for the most important shopping season of the year. This includes Singles’ Day, or 11.11, the world’s largest online shopping event, and the Christmas shopping season. As traffic is set to surge significantly during this period, so is the number of online shopping scams.
“Fraudsters love these shopping days as they can easily assimilate into the crowd when traffic is higher. Retailers are also more vulnerable, especially if they rely on employees to manually review transactions, which is common in Asia,” Monica Acree, VP of sales for the Asia Pacific at Forter, told KrASIA. Forter is a fraud prevention software company headquartered in New York.
Acree explained that phishing and credit card fraud are the two most common types of online scams. Phishing is the practice of sending emails purporting to be from reputable companies to induce individuals to reveal personal information such as passwords and credit card numbers. Online credit card fraud is when hackers obtain a user’s card information through trojan malware to make unauthorized purchases or remove funds from the account.
Phishing attempts can increase by more than 20% during major online sales periods in Asian countries, especially near Singles’ Day on November 11, according to data by cybersecurity firm Kaspersky. In 2019, Kaspersky found 554,000 phishing attempts ahead of 11.11 and after the shopping event, 21% higher than the previous period between September and mid-October of the same year. The number peaked at as many as 803,000 detections on October 28, Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky, told KrASIA.
Yeo was also a victim of a phishing attempt earlier this year. “I received a text message with a link to track a parcel as I ordered a makeshift table for my work-from-home setup. I clicked the link, and it turned out to be a phishing link.” However, since his phone is equipped with internet security software, the threat was blocked instantly, Yeo added.
“We have observed that since 2020, phishing scammers have switched their attention from banks to e-shops. This trend is closely related to the pandemic, which has greatly changed the public’s attitude towards online shopping—criminals have marked its growing popularity and turned the focus on it,” Yeo said.
Risks set to persist this year
While it is difficult to predict how many more online scams will happen this year, Yeo expects the trend to continue. “Including new strategies in financial cybercrime—from reselling bank access to targeting investment applications—and the further development of already existing trends, for instance, greater expansion of card skimming or other online frauds,” he said.
As new forms of digital payments such as “buy now, pay later” (BNPL) and cross-border payments have sprung up in the region, the development also potentially exacerbates the e-commerce fraud landscape, according to Forter’s Acree.
“Fraudsters are very clever. Regardless of the payment method, they’ll find vulnerabilities. For instance, we’ve seen cases where fraudsters take over users’ BNPL accounts with a good credit history and make transactions using that account. There’s a constant need to evolve strategies and tactics to keep up with the changing landscape,” Acree said. She added that recent data leak cases in Asia have also contributed to increasing numbers of e-commerce fraud in the past few years.
Customers, especially those who are not very digitally active, lack proper awareness of the most superficial risks like phishing and spam, Acree said. A good collaboration between financial service providers, retailers, and customers is necessary to increase awareness in this area.
How to shop safely during the holiday season
For retailers, both Acree and Yeo suggested implementing anti-fraud solutions on their devices to identify suspicious behavior and quickly detect cases of social engineering such as phishing. Retailers also have a responsibility to educate and inform customers about the potential risks and the actions to take when facing potential scams.
Meanwhile, for customers, Yeo has several tips. “Stick to familiar brands you know or have heard of, and if you do buy from a new vendor, research it carefully. If possible, it is better to use a temporary credit card to make online purchases,” he said. The expert also recommends only shopping on secure sites with a URL address beginning with HTTPS, a protocol that ensures an encrypted connection, as opposed to HTTP. “And always remember to manage and protect your online passwords.”
Customers need to be alert to the type of information being asked by any other individual, Yeo said, adding that shoppers should never share personal information over the phone and never reply to any unsolicited requests for personal information.
If customers must shop online using a public Wi-Fi network, a trusted VPN provider will ensure a more secure transaction, Yeo explained. Shoppers should also constantly update their security software and remember to log off after shopping, especially when using a public computer or a Wi-Fi network.
“Finally, read all transaction statements carefully and check for unauthorized charges. If there is anything unusual, report it immediately,” Yeo said.