Everyone is always on guard for phishing scams that appear to come from their bank and credit card companies.
However online shoppers are also a big target.
PayPal is commonly cited as the easiest data to use once obtained as there is no need for “data harvesting”. They have instant access to buy products with your account. You can make sure you have alerts on the bank/credit card account connected to your PayPal account, so you are alerted to activity. Another way to protect yourself is to set up a separate bank/credit card account that is linked to PayPal and limit the amount of money in the account or the credit limit. It is a bit more work on your side to keep the account topped up but this can limit the amount that can be charged.
For Amazon, phishing scams have grown as quickly as they have. Also, peak shopping periods like Prime Day and Black Friday usually sees an increase in scams.
Phishing scams are not only limited to buying products, they can also try to access your “points” or “reward credits” you have earned from shopping with a merchant as this is less likely to be noticed than a charge on your credit card or PayPal account.
The scammers will send a fake email asking if you want to redeem your points, or reminding you to redeem your points. This is very tempting to respond to because who doesn’t want something for free? Especially if there is a message, like “expiring soon”.
Like most Phishing Scams, you receive an email that looks like it comes from a major retailer (Amazon, Kohl’s, Costco, etc). The email will look very real with a nice logo, the right colors and the link you click on may even look legitimate. However, on closer examination, you can see the URL is not really correct. By the time you click, it might be too late as clicking a link can allow the installation of a back door for a scammer to install malware on your computer. This may allow them to access/steal your personal information.
In general, it is a good idea to carefully check the domain names on links by hover your mouse over them before you click on it to make sure it is legitimate (sometimes they can be obviously wrong). However, even better, only go to your merchant’s website directly from your bookmarks to check on the status of your reward points or any special offers they are having. Definitely, never reset security information via a link in an email.
Other platforms you may use that are at higher risk for phishing scams are FB and Netflix.
For more information on Phishing Scams and how to protect yourself, you can read more at the BBB