2022 Black Friday: Make Sure You Avoid All the Elaborate Scams


    


    Stay alert to keep scammers off your phone.?
    James Martin/CNET
    


    This story is part of Gift Guide, our year-round collection of the best gift ideas.
    


    As always, Black Friday?arrive the day after Thanksgiving — more specifically on Nov. 25 this year. It’ll be a day filled with deals on items like headphones?and TVs, but with all that potential money flowing from customers to stores, cybercriminals are unfortunately looking to steal some of it.
    
    Scammers work year round, but they turn up their efforts during the high-spending holiday season to exploit the spirit of giving.
    The scams range far and wide — as retailers like Amazon, Best Buy and Walmart roll out deals over the holidays, fraudsters create elaborate websites to trick you into spending money on products you’ll never receive. You may receive text messages or emails claiming you’re eligible for a refund for an item you never purchased, just so thieves can get your credit card information. You might even be enticed into donating to a charity that provides homes for abandoned puppies — only to find out it doesn’t actually exist.
    Scams come in all shapes and sizes, but there are always red flags to help spot them. Here’s what you need to know about Black Friday scams and how to avoid becoming a victim this holiday season.
    For more about security and privacy this holiday season, check out how to?protect yourself from identity theft, how to?protect your phone app privacy, and the?most common cryptocurrency scams.
    Fake websites and fraudulent apps go ‘phishing’
    In a phishing scheme, the goal is for hackers to get their hands on your personal information, like your credit card number, social security or account password. Pretending to be a large retail corporation, the fraudsters send out an official-looking email or text message, usually with a link to a fraudulent website designed to look just like a legitimate site.
    Researchers at security firm Avanan discovered that hackers were sending out spoofed Amazon order notification emails. The email resembled your run-of-the-mill order confirmation, except that the order is false and the charge is significant.
    Naturally, if you believe you’re being charged for a substantial amount, you would want to reach out to Amazon. But in this instance, if you use the link in the phishing email to get in contact, you’ll be redirected to a fake Amazon webpage with a false phone number to dial. If you call, the fraudsters won’t initially pick up, but they’ll soon call back, asking you to provide your card number, expiration date and CVV to “cancel the order.” And just like that, they’ve got your information.
    These types of attacks are commonplace throughout the year, but expect a surge in messages claiming to be from Amazon, Best Buy, Walmart, Target or other large retailers during the holidays.?
    If you receive an email asking you to update your payment method or requesting other personal information, contact the company’s help desk to make sure the email is legit before you do anything else.?
    Other ways to identify a phishing email, according to the Federal Trade Commission and StaySafeOnline.org, include:?

  • The sender’s email address looks almost right but contains extra characters or misspellings.
  • There are misspellings or bad grammar either in the subject line or anywhere in the body.
  • They address you with generic terms (“Mr.” or “Ms.” or “Dear Customer”) instead of by name.
  • The message warns that you need to take immediate action and asks you to click a link and enter personal details, especially payment information.
  • The messages promise a refund, coupons or other freebies.
  • The company logo in the email looks low-quality or just plain wrong.


    Credit card skimming at one point required physical hardware, but nowadays hackers are inserting malicious code directly on retailers’ websites to steal customers’ credit card information.
    James Martin/CNETCredit card skimming goes all-digital
    You’ve seen it in movies. A hacker places an object over a card reader, disguised to look like part of the ATM, and then waits for people to swipe their cards. A day or week later, the thief takes the object — known as a skimmer — back and collects the mountain of stolen card information stored inside, which they can then use to make purchases, withdraw money and more.
    Instead of using physical hardware to steal payment card numbers, hackers can insert malicious code directly on a website to do the same thing as traditional skimming, but with online payment information instead.
    Regarding e-skimming incidents — sometimes called Magecart attacks after the name of the software used — Tim Mackey, principal security strategist for Synopsis, a digital security company, warns, “There isn’t an obvious way for the average person to be able to identify if or when a website has been compromised. The only potential tell-tale sign might be that the website itself doesn’t quite look ‘right.'”?
    Mackey suggests a few strategies you can can use to protect yourself:?

  • Don’t save your credit card information on retail sites.
  • If possible use a third-party payment method like Apple Pay, Google Wallet or PayPal.
  • Enable purchase alerts on all your credit cards.
  • Disable international purchases on all credit cards.
  • Only make purchases over your home network or cellular network, never on a public Wi-Fi where your payment could be intercepted.

Avoid the ‘Secret Sister’ gift exchange — it’s a pyramid scheme
    Originating on Facebook, this sketchy gift exchange among internet strangers plays off the popular workplace practice of “Secret Santa,” a game where each person in a group buys a present for one other randomly selected group member, without the gift-giver revealing their identity.?
    Instead, in Secret Sister, it’s a pyramid scheme dressed up in holiday clothes, according to the Better Business Bureau. The “Secret Sister” exchange invitation promises you’ll receive about $360 worth of gifts after purchasing and mailing a $10 gift for someone else. A variation includes swapping bottles of wine. And there’s even “Secret Santa Dog,” in which you gift money to a “secret dog.”
    Unfortunately, bad math hasn’t stopped this scam from resurfacing year after year. If you fall for it, you’ll probably be out 10 bucks when you don’t receive any gifts in return. You might lose personal details too, because the scam involves sending your name, email address and phone number to people you’ve never met in person.
    The Better Business Bureau recommends you deal with any request to become a Secret Sister by ignoring it — do not give your personal details to online strangers. You can also report the invitation to Facebook or whichever social network you were approached on.
    
    The Salvation Army is a long-standing, well-known charity. But always do your research before you donate to any charity.
    The Salvation ArmyYour donations might be going to a ‘faux charity’
    During the holiday season, it’s not uncommon to give back to the community. In fact, nonprofit organizations typically see an increase during the fall. The last three months of the year make up 36% of all charitable giving during the year, according to?Blackbaud Institute, which creates fundraising applications.
    Unfortunately, scammers take advantage of this generosity to make a bundle for themselves.
    The way these charity fraud scams typically work are by impersonating other successful charities. And it’s no wonder they work: The scammers come up with real-sounding charity names, create credible websites, run successful social media campaigns — and they’re persistent.
    Scammers typically call you using local phone numbers, which give you a false sense of security. However, it’s incredibly easy to spoof an area code. Next they’ll make their pitch, and it’ll be a good one. It will tug at your heart-strings, but they’ll never actually specify how they’ll help. And they may even claim that you’ve made a donation before, and suggest that you make another, and that if you do, it’ll be tax-deductible. And it’ll all be a lie.
    If you get a call from a charity and sense some red flags, the AARP and FTC suggest that you do the following:

  • Do your research. Use a watchdog like CharityWatch to get more information about a charity and learn how credible it is. Or use Google.
  • Pay close attention to the charity name and website. False charities like to mimic other popular charities. If it seems too close in name to another, it might not be real.
  • Keep track of your donations. Even if you accidentally donate to a scammer, you need to ensure that the donation isn’t recurring.
  • Don’t give away all your personal information. Of course it’s normal to provide your card information, but don’t do the same with your Social Security number or bank account number.
  • Don’t make a cash donation. Unless you’re certain about a charity’s credibility, don’t give away cash, gift cards, or cryptocurrency.


    For any charitable donations that you make, you can also use the IRS tax-exempt organization search tool to make sure that the charity you’re contributing to is legitimate and that your gift can be deducted on your income tax return.
    


    Find The Perfect Gift

AllUnder $10Under $20Under $50Under $100Under $250
    

allmomsdadsgrandparentsfitnesstravelersteenspreteenstechgamingfoodieshomeromanticjewelrykids
    107 results
    


    


    
    Five S Kneading Massager
    $35 at Amazon
    


    
    Hydro Flask
    $35 at Hyrdo Flask
    


    
    Nintendo eShop Gift Card
    $50 at Amazon
    


    
    Fox in the Forest
    $12 at Amazon
    


    
    SteelSeries Arctis 1
    $50 at Amazon
    


    
    Bokksu Japanese snack box
    See at Amazon
    


    
    State cashmere blanket throw blanket
    See at Amazon
    


    
    HyperChiller
    See at Amazon
    


    
    Nixplay smart digital photo frame
    $20 at CB2
    


    
    Online cooking classes
    See at Online Cooking School
    


    
    Washable Silk Tee & Shorts
    See at Quince
    


    
    Ouai Chill Pill Bath Bombs
    See at Ulta
    


    
    60 Hour Candle
    See at TheraBox
    


    
    Dyson Supersonic hair dryer
    See at Dyson
    


    
    Mint & Lily Mama necklace
    See at Mint & Lily
    


    
    Sephora gift card
    See at Sephora
    


    
    Google Nest Hub
    See at Google
    


    
    Theragun Prime
    See at Therabody
    


    
    Matador NanoDry Towel
    See at REI
    


    
    Mixbook
    See at Mixbook
    


    
    Tiki fire pit
    See at Amazon
    


    
    Mario Badescu face spray set
    See at Ulta
    


    
    Flower delivery from BloomsyBox
    See at BloomsyBox
    


    
    Slip silk pillowcase
    See at Amazon
    


    
    Aarke water carbonator
    $230 at Bed Bath & Beyond
    


    
    Jacques Torres bonbons
    $55 at Jacque Torres
    


    
    A bouquet of exotic meats
    $90 at Man Crates
    


    
    Sarah Chloe diamond locket
    $145 at Sarah Chloe
    


    
    The Bouqs Co. Pixie bouquet
    $99 at The Bouqs Co.
    


    
    Sweet heart bamboo
    $35 at Plants.com
    


    
    Max Brenner chocolates
    $37 at Max Brenner
    


    
    Ingarden microgreens garden
    $100 at Amazon
    


    
    Shun Sora Japanese petty knife
    $70 at Amazon
    


    
    Wolf Circus Toni gold bracelet
    $95 at Wolf Circus
    


    
    Champagne Gummy Bears
    $9 at Sugarfina
    


    
    MakiMaki sushi roll kit for 2
    $125 at MakiMaki
    


    
    Cote des Roses rosé
    $16 at Wine.com
    


    
    Flavored Truffle Gift Box
    $38 at La Maison du Chocolat
    


    
    Barrel Aged Hot Hive Honey and Reaper Salt Series
    $40 at Fuego Box
    


    
    Carrie Hoffman X studs earrings
    $290 at Carrie Hoffman
    


    
    Wanna Date? sweet date spread
    $12 at Uncommon Goods
    


    
    Italian olivewood serving board
    $17 at Sur la table
    


    
    Three-piece cheese knife set
    $20 at CB2
    


    
    A delivery of fresh pasta
    $25 at Goldbelly
    


    
    Maison Miru heart nap earrings
    $75 at Maison
    


    
    Disney Plus Gift Subscription
    $80 at Disney
    


    
    DJI Minin 2 Fly More Combo
    $600 at Amazon
    


    
    Fujifilm Instax Mini 11 Instant Camera
    $69 at Amazon
    


    
    ThisWorx Portable Car Vacuum Cleaner
    $36 at Amazon
    


    
    Perfect Pot
    $165 at Our Place
    


    
    Letterfolk Customizable Tile Mat
    $75 at West Elm
    


    
    Parks Project Candle
    $36 at Parks Project
    


    
    iPad Mini 2021
    $500 at Best Buy
    


    
    Crown & Paw Pet Canvas
    $50 at Crown & Paw
    


    
    Coravin Wine Preservation System
    $150 at Target
    


    
    Botley 2.0
    $47 at Amazon
    


    
    Arcade1Up Arcade Machine
    $600 at Best Buy
    


    
    Biolite TraveLight 135
    $40 at Biolite
    


    
    Blockaroo Blocks
    $40 at Amazon
    


    
    Gloomhaven: Jaws of The Lion Board Game
    $32 at Amazon
    


    
    JBL Go 3
    $50 at Amazon
    


    
    Illy Y3.3 Espresso and Coffee Machine
    $149 at Amazon
    


    
    Lenovo Smart Clock
    $35 at Best Buy
    


    
    Keurig K-Slim Coffee Maker
    $79 at Amazon
    


    
    Lego Speed Champions Corvette
    $30 at Amazon
    


    
    Madewell Transport Tote
    $178 at Madewell
    


    
    Lunya Silk Sleep Mask
    $48 at Lunya
    


    
    Lite-Brite
    $13 at Target
    


    
    Lodge Cast-Iron Grill Pan
    $20 at Amazon
    


    
    Wyze Cam v3
    $36 at Amazon
    


    
    Apple AirPods 3
    $179 at Apple
    


    
    EarFun Air Pro 2
    $80 at Amazon
    


    
    Sony WF-1000XM4
    $250 at Walmart
    


    
    Sony PlayStation 5
    $499 at Amazon
    


    
    Roku Express 4K Plus
    $39 at Amazon
    


    
    Apple iPad 2021 (9th generation)
    $299 at Amazon
    


    
    Acer Chromebook Spin 713
    $530 at Amazon
    


    
    MacBook Air M1
    $1,000 at Best Buy
    


    
    Bose SoundLink Flex
    $150 at Best Buy
    


    
    Dell G15
    $1,100 at Best Buy
    


    
    HP Pavilion Aero 13
    $1,000 at HP
    


    
    Lenovo Yoga 7i (2-in-1)
    $850 at Best Buy
    


    
    Mosaic Plant-Based Meal Delivery
    $70 at Mosaic
    


    
    Trade Coffee Subscription
    $40 at Trade
    


    
    Vizio MQ7 65-inch
    $1,000 at Amazon
    


    
    Apple Watch SE
    $269 at Amazon
    


    
    Apple Watch Series 7
    $399 at Best Buy
    


    
    Atlas Tea Club
    $199 at Atlas Tea Club
    


    
    iPhone 11
    $499 at Apple
    


    
    iPhone 13
    $799 at Apple
    


    
    Fitbit Charge 5
    $179 at Amazon
    


    
    Google Pixel 6
    $599 at Amazon
    


    
    iPhone 13 Pro
    $999 at Apple
    


    
    LG C1 OLED 65-inch
    $1,797 at Amazon
    


    
    Samsung Galaxy S21 Ultra
    $1,166 at Amazon
    


    
    TCL Series 4 TV 65-inch
    $529 at Amazon
    


    
    TCL Series 6 TV 65-inch
    $999 at Amazon
    


    
    Theragun Mini
    $199 at Amazon
    


    
    Best of Dylan’s Candy Bar Gift Basket
    $100 at Dylan’s Candy Bar
    


    
    The Mirror
    $1,495 at Mirror
    


    
    Echo Dot with Clock
    $60 at Amazon
    


    
    Croissant Light
    $19 at Amazon
    


    
    Spanish-style Wine Glasses
    $20 at Amazon
    


    
    Nintendo Switch OLED
    $349 at Amazon
    


    
    Xbox Series X
    $499 at Amazon