Lately, there have been very frequent offers from retail chains and various online stores where goods and services are much more affordable if you make the purchase online. This trend has been present globally for a long time, and since a few years ago, it has not bypassed Serbia either. You have probably heard of Black Friday, the popular shopping holiday, or Cyber Monday, a day when shopping is done online with various benefits.

Discounts and promotions for online purchases have become common, but unfortunately the information overload, as well as the times we live in, make our attention lower than adequate, which altogether gives the opportunity for various internet "pickpockets" to steal our money and data.

The latest in a series of frauds is the possibility of a very favorable purchase of "Antistress Mattress", dimensions 160x200cm. Very favorable, for sure, it would only cost you all your personal data and money from the account.

Namely, when you decide to buy this item via the link you received, you have the option to choose your bank and pay for what you want. Rest assured that the same scam exists for various other items, not just the mentioned mattress, but this one with the mattress is the most recent one we have detected. The image you see is the authentic image of the page that was part of the scam a few days ago.

The probability that you have an account in one of the banks on the list is huge, so if you are not extremely careful and you know from personal experience that this is not a practice for online shopping, you will click on the icon of your bank.

When you click on your bank's icon, a window opens that looks identical to your eBanking. In the case of Erste Bank, it is the following picture. And no, this is not a picture from our eBanking, but an excellent copy. The layout of the page has been specially adjusted for each of the banks on the list, so if you are a client of another bank and you click on another icon, you will get the view of the eBanking page of that specific bank.

We have to admit that this scam was executed masterfully, and that only extremely careful people checked the address field and saw that they were not in their bank's eBanking, but in an unknown location.

The first thing that should be suspicious in this case, in addition to the fake address, is that there is no https protocol, and that it requires logging into eBanking, instead of the usual payment card entry or QR code scanning.

Logically, you are asked to enter your details, username and password. If you do that, you will not be able to pay for the mattress at that moment, but you will give the fraudsters your access data and subsequently they can actually log in to your eBanking and dispose of your money and all the data that exists there.

It can be a really big problem, and that is why with this text we appeal to everyone to be very careful when performing any internet activity, and to always be skeptical about data protection. In this particular case, the competent colleagues were urgently notified of the existence of this fraud and managed to "take down" the disputed site that collected data in record time, but it is only a matter of time when something similar will appear again.

Internet scams have been increasingly common and harder to recognize, and unfortunately the scammers are getting more and more skilled at what they do. In order to protect ourselves and shop safely, taking into account the recommendations regarding the protection against the corona virus, but also the potential attackers on our data and money, see the tips below.

 

Eight Tips for Safe Online Shopping

  • Be careful where and with whom you share personal and confidential information. Don't believe the tempting offers you get by email or through messaging apps. Do not open links and attachments from e-mails, if you have not previously checked everything and are sure that the message is correct.
  • Make sure that the address of the website where you want to make the payment starts with "https". Pay attention to the padlock symbol next to the web address – if it is marked in red, or if the browser displays a warning that the certificate is not valid, you should not enter your payment card information.
  • Always purchase through the store's official website and do not enter your information on websites that you have accessed via a link. These can be fake pages that closely resemble the real ones.
  • It is recommended to use sites that have a guaranteed level of protection. Secure card payment sites include the option to activate the MasterCard 3D Secure or Verified by Visa service, which enable secure online payments.
  • You should never enter a PIN code when making an online purchase, this is not the information required by the banks to complete the transaction. Also, banks will never ask you to change your data, confirm your password, etc. by email or message.
  • You should never send a photocopy of the card (or other document) by e-mail, into the inbox of social media pages or similar.
  • It is recommended to avoid purchasing from publicly available wireless networks and shared computers, as you do not know if they are infected with a virus that can download your data.
  • Always check the online store if you haven't bought there before (e.g. using Google recommendations or the Trust Pilot website). Pay attention to any messages that you receive, and be suspicious of any irregularities.