Amazon’s Prime Day 2024 was Australia’s longest yet, running for six full days, with the online marketplace boasting record sales compared to previous Prime Day events. However, such sales also attract cyber scammers, making it crucial for retailers and their customers to stay vigilant.
Australians made over 601,000 scam reports in 2023, an 18.5% increase from 2022, according to the Australian Competition and Consumer Commission (ACCC). Given this rise, it’s essential for both customers and retailers to remain cautious.
From a consumer perspective, cyber criminals can deceive unsuspecting shoppers in various ways, including fake social media links impersonating well-known brands and fraudulent emails that appear to come from recognizable companies but contain malicious links or content.
Awareness of these threats can help retailers mitigate risks for their customers. For instance, informing customers that a retailer will only contact them through specific channels or request certain information can encourage consumers to be more cautious if they receive unexpected communications.
Steps to prepare for sales day threats
Given the range of tactics used by cyber criminals, there are several approaches consumers can take to protect themselves during major sales events. For example, if customers take a moment to pause before clicking on a link, responding to a text, making a call, or taking any other action in response to a message from a purported retail brand, they are more likely to spot signs that the message might be fraudulent.
Spelling and accuracy are important indicators to watch for in any message from a brand. If a message contains noticeable misspellings, poor grammar, or unusual punctuation, it might not be legitimate. Additionally, it’s wise to treat ads on platforms like Instagram, TikTok, and Facebook with scepticism, as scammers often create these to impersonate well-known brands.
Consumers should also double-check email address domains to ensure they match those of the brands in question. At the same time, customers should be cautious with messages regarding order confirmations and shipping details, even if they seem legitimate.
How retailers can ward off scam attempts
For retailers, the risks during major sales events are different, but many of the same tactics can help minimise the threat from scammers. Being wary of suspicious links, unusual email domains, and unexpected order notifications can be just as useful for retailers as for consumers, since cyber criminals often use similar tactics on businesses.
Simply understanding the common tactics used by cyber criminals can help retailers limit the risks for themselves and their customers. For example, trusted companies will never ask for sensitive details like a passport or tax file number. Retailers can communicate this to customers to reduce the likelihood of them handing over such information to scammers.
To minimise risks, consumers should pay close attention to the information being requested when making online purchases. They should also be cautious of pop-ups and online ads, be careful with emails, avoid unknown websites, refrain from reusing passwords, and be alert to fake social media accounts.
By warning consumers of the most prominent risks, retailers can help ensure a safer shopping experience.
Taking a tech-led approach to protecting customers
Retailers can also take other steps to protect their businesses and, by extension, their customers. As retailers expand their digital infrastructure in response to market demands for a comprehensive online experience, they inadvertently open new opportunities for cyber criminals to exploit IT vulnerabilities.
Today’s retailers face increased cyber threat exposure across both organisational and customer touchpoints, including traditional point-of-sale (POS) vulnerabilities, supply chain threats, Internet of Things (IoT) devices, and customer data.
To protect their businesses against potential threats from cyber criminals and scammers, it’s crucial for retailers to have adequate visibility into these systems and touchpoints. Protecting personal information is also essential. A single cybersecurity platform that connects to every part of the business can provide the visibility needed to detect threats early and deflect them.
Retailers can enhance online security for consumers by requiring strong passwords and using two-factor authentication for online purchases, adding an extra layer of protection. Secure website practices and applying fraud detection tools to transaction systems also contribute to a safer shopping experience.
A little knowledge goes a long way. With increased awareness and robust cybersecurity infrastructure, retailers can get ahead of scammers during major sales events, effectively protecting both themselves and their customers, ultimately leading to a better customer experience.
Steve Manley is vice president for Australia & New Zealand at Palo Alto Networks.