Over half (60%) of Australians shop online weekly and the majority (67%) are concerned about the prevalence of online scams, yet one-quarter admit they are likely to click on a link via Facebook or other social media to get a good deal, according to recent research from digital security and privacy company Avast.

Avast notes that Black Friday to Cyber Monday is one of Australia’s “biggest and most anticipated trading periods with many retailers offering tempting competitive deals ahead of the holiday season”, and in 2022, Australians spent over an estimated $7 billion on the annual sales.

Stephen Kho, cyber security expert for Avast says, “The Black Friday shopping sales is now one of the most anticipated shopping events of the year and cyber criminals know this global phenomenon is a better time than any to catch people out.

“The event brings with it a slew of online shopping deals, which can be a wonderfully convenient way to check off a wish list. However, it is also a feeding ground for cyber criminals who prey on Australians’ eagerness for a bargain.

“Exciting deals can cloud our judgement, especially during this shopping event. It is a timely reminder to remain educated about the warning signs of scams, and to put good cyber safety practices into play.

“This year has seen a record number of scams and with the rapid rise of artificial intelligence (AI), they are growing in number and sophistication. Aided by the new technology, fake online storefronts, dodgy social media ads, marketplace swindlers, and bargain-themed phishing attempts will run rampant this holiday season, so it is important Australians are equipped with the tools and knowledge to avoid any personal or financial harm,” Kho concludes.

Avast says that to help Australians have a “safe online shopping experience this holiday sales season”, Stephen Kho has shared his top tips:

1. Watch out for fake online storefronts – This could be in the form of both apps and websites. Legitimate looking impersonations are popping up left right and center and can be hard to separate from official stores. For apps, only download apps from official app stores such as the Apple App Store or the Google Play Store. When it comes to websites, always type the full company URL into the address bar so you know you are on the official page. It can be tempting and seemingly convenient to click on a shortened URL or scan a QR code that you’ve received but be wary of this as this is a common way scammers trick you into browsing a fake or malicious site. Note that all official sites will use ‘https’ to ensure an encrypted connection between the retailer and consumer.

2. Be cautious of online marketplaces – they can be a handy source for purchasing gifts, but scammers have infested platforms like Facebook Marketplace and ones alike and are posing as both legitimate sellers and buyers. Never send money to a seller before receiving your purchased item and be alert for Pay ID impersonation scams. These are becoming particularly common on online marketplaces.

3. Don’t get phished – If you receive any unsolicited messages on social media, text message, or email, about a special offer or bargain with a link embedded, it is most likely a scam. Never open these links, as they may ask for personal information or you could be hacked. Instead, if you see something in a message that is enticing, follow tip 1 and type the URL into a web browser yourself.

4. Do not store payment info – When you make purchases online, you will be peppered with requests to open accounts with the storefront and save your credit card information. It is safest to decline these requests. You want to share, save, and store as little personal info as possible on the internet.

5. Put a layer between your credit card and scammers – Third-party payment services such as PayPal, Apple Pay and Google Pay can give you an extra layer of protection when making a purchase online and are a handy option on mobile sites. However, remember to only shop from your home or cell network, never on public Wi-Fi so you can protect your sensitive information, like passwords, from being intercepted and stolen. When using public Wi-Fi, use a VPN (Virtual Private Network) to protect your data against traffic sniffing attacks.