Safe Online Shopping Campaign 201820th November 2018
Consumers and retailers urged to take precautions in run up to Black Friday and Cyber Monday
- €46.5bn spent worldwide on Credit & Debit Cards issued in Ireland in 2017 with €15.5bn spent online.
- Downward trend in card fraud with year on year decrease from €45.2m in 2016 to €29m in 2017.
- 80% of card fraud occurs in Card Not Present environment.
- 38% of 25-34 year olds shop online weekly.
- 57% only use credible websites when shopping on their mobile phone
- 38% use social media to inspire purchases, this increases to 94% for 18-24 year olds
(Sources: Banking & Payments Federation Ireland, Retails and Consumer Report 2018 – PWC)
An Garda Síochána in association with the FraudSMART, a fraud awareness initiative led by Banking & Payments Federation Ireland, are urging consumers and retailers to shop and sell online safely and to protect their financial and personal details with the approach of Black Friday (Friday 23rd November) and Cyber Monday (26th November 2018)
Detective Superintendent Gerard Walsh of the Garda National Economic Crime Bureau said “Buying online is a very convenient way to shop particularly in the busy run up to Christmas however shopping safely online is not a given, as there are inherent risks. It is vital that people exercise caution when shopping online and follow the fraud prevention advices provided.”
Niamh Davenport, leading the FraudSMART programme for Banking & Payments Federation Ireland, advised consumers and businesses that taking simple steps can make all the difference when shopping or selling online, “While Black Friday provides consumers with a great chance to grab a bargain, it can also open up the perfect opportunity for scammers and hackers. It is often a simple or easy measure that people can take to protect against fraud and it is important that consumers know these to avoid being vulnerable to fraudsters.”
An Garda Síochána and FraudSMART’s top tips for shopping online this week and in the run up to Christmas include:
- Do your research; only buy from trusted sources, shops or brands that you are familiar with. Use websites that your friends, family or colleagues have used before.
- Do not click on links or adverts from social media. Independently go to the website offering the deal. This will ensure you are not shopping on a fake website.
- Think twice before allowing e-merchant stores to store your payment details
- Read terms and conditions and make sure you are not committing to a series of recurring payments especially where free trials are offered.
- Always save all documents related to your online purchases.
- When purchasing something online from another person, do not send money up front
- Use a secure website. Look for the padlock symbol and the ‘S’ in HTTPS.
- Never send your Card number, PIN or any other card information to anyone by email
- Don’t use public Wi-Fi when making payments, always switch to 3G/4G
- Regularly check statements and transactions for any frauds or suspicious activity
- If you have a suspicion about an online transaction check your account online to ascertain if the payment was made to the genuine retailer.
- Report suspicious transactions to your local Garda station and to your bank or card processor.
They also outlined the steps which retails should consider during this busy Christmas period:
Advice for Online Retailers
Retailers can also be the target of online frauds when it comes to purchases of goods online. Compromised credit cards or requests to pay for goods and services using money transfer services can result in significant losses for online sellers. To avoid those losses, some basic steps should be kept in mind by online retailers and private sellers.
- Beware of any purchases of bulk items or large quantities of the items or random goods
- Check any purchases of high-value goods or goods that can easily be resold
- Be cautious with purchases using credit/debit cards issues overseas or in a different name than the purchaser
- Check that the delivery and billing addresses are the same.
- Check addresses and usernames online using Google to see if there are any reports or complaints.
- Require postcodes with addresses. Use Google maps to make sure the address is correct
- Be cautious of bulk purchases of gift cards and guest logins rather than users creating accounts
- Small cost purchases followed by larger purchases by the same user could indicate someone testing a compromised card
- If you capture IP addresses check them online to see where they are registered. If the billing/delivery address is in a different country, this could indicate a problem
- Don’t hesitate to contact the customer by phone and ask them to confirm their payment details such as card number, bank name, card expiry date etc. Genuine customers will usually know these details immediately.
For further information:
Jillian Heffernan, Head of Communications, BPFI, 087 9016880, firstname.lastname@example.org
The following are the most common by which criminals can obtain payment card details.
Phishing is where criminals send unsolicited emails to individuals which purport to have been sent from genuine businesses or individuals. The purpose of these emails is to induce the individuals to reveal personal information such as payment card details, bank account numbers and personal security data. Phishing emails usually appear to have been sent from financial institutions and instruct the recipient to follow a link to a fraudulent website which requests personal and financial information be inputted.
Vishing or Voice Phishing is the criminal practice of using social engineering techniques over the phone in order to obtain the personal, financial or security data from individuals. Social engineering can be described as human to human interaction which attempts to exploit vulnerabilities in human nature in an attempt to obtain personal information.
Smishing or SMS Phishing is a phishing attack whereby a mobile phone user receives an SMS (text) message which purports to have been sent from a genuine business or individual. This message attempts to induce the recipient to follow a link to a website which appears to be legitimate but in under the control of the criminal organisation. This website then requests personal and financial information to be inputted.
FraudSMART is a fraud awareness initiative developed by Banking & Payments Federation Ireland (BPFI) in conjunction with the following member banks, Allied Irish Bank plc, Bank of Ireland, KBC Bank Ireland, PermanentTSB and Ulster Bank. Launched in October 2017, the campaign aims to raise consumer and business awareness of the latest financial fraud activity and trends and provide simple and impartial advice on how best they can protect themselves and their resources. Web: www.fraudsmart.ie
Banking & Payments Federation Ireland (BPFI) represents the banking, payments and fintech sector in Ireland. Together with its affiliates, the Federation of International Banks in Ireland and the Fintech & Payments Association of Ireland, BPFI has over 70-member institutions and associates, including licensed domestic and foreign banks and institutions operating in the financial marketplace here.