The escalating use of e-commerce creates a feeding frenzy for fraudsters. As online shoppers make convenient summertime purchases and start to focus on their upcoming holiday buying lists, they need to know how to avoid getting ripped off.
In what may be a lapse of logic — and contrary to stereotypes about which age groups are the most internet savvy — consumers most at risk are young adults rather than seniors.
Barclays, a British universal bank, released data in June revealing people aged 21 to 30 are most likely to be scammed online. Despite that finding, the same research found that the majority (76%) in that younger group said they are confident they would not be a victim.
However, when compared to those over age 70, the data shows that 21- to 30-year-olds are much more likely to be duped. The majority of scams (77%) happen on tech platforms such as social media, purchase/auction sites, or dating apps. This makes younger people more susceptible to becoming a victim, warns the Barclay research.
Fraud Is a Complex Problem
“A common misconception is that most ad scam victims are elderly people. In reality, cybercriminals do not discriminate. Social engineering is a manipulation technique used on younger online audiences that exploit human emotion,” Amnon Siev, chief data officer at cybersecurity and advertising quality firm GeoEdge, told the E-Commerce Times.
“In cybercrime, human hacking lures unsuspecting online users into various online advertising frauds,” he added.
It is not just consumers who are targets of online fraud. Website merchants also are in cyberthieves’ crosshairs, warned Jake Loveless, CEO of web acceleration company Edgemesh.
“I think the main culprit is the fact that identifying and protecting against [online] fraud is a complex problem. If you leave the front door to the store unlocked 24 hours a day, it is likely you will see an increased rate of theft. Call it a crime of opportunity,” he told the E-Commerce Times.
Consumers become victims of purchase scams when people buy goods that never arrive or are not as advertised. These scams are the most common type, accounting for more than half (60%) of all scams in the last three months, according to Barclays’ data.
The likelihood of falling for this type of scheme decreases significantly with age, with 21- to 30-year-old consumers being 15 times more likely to be a victim. Smartphones rank as the most common type of item fraudsters advertise. More than half (55%) of shoppers in the 21 to 30 age group plan to buy a new phone this summer. Everyone should be wary of “too good to be true” offers.
Barclays’ research exposed some of the reasons that make young people susceptible to scams. A quarter (25%) of respondents said they could only go one day without replacing their smartphone if they lost it. Nearly one-third (31%) admitted to being willing to shop with a brand they did not know if the seller offered a good deal.
Many people assume scam victims are elderly. Older people are more likely to fall for higher-value scams. But the most common scams trick victims into buying something they never receive, said Ross Martin, head of digital safety at Barclays in the report.
Shoppers should remember that if a product’s price is unbelievably low, it probably is a scam. Scammers usually offer items significantly lower than their value to lure in buyers, he noted.
Before rushing into a potentially fraudulent purchase, would-be buyers should question why any legitimate seller would do this. Then check the seller’s website and be wary of anyone asking for a bank transfer rather than a debit or credit card transaction. Legitimate sellers do not usually do this, noted Martin.
Be aware of social engineering and its psychological manipulation, urged GeoEdge’s Siev. Scammers use them to get viewers to unverified pages, fraudulent schemes, and malicious scams.
Emotionally-charged ads are an effective low-tech way of luring users to listings of fraudulent or non-existent products, financial schemes, phishing scams, propaganda, and other low-quality landing pages, he added.
“Social engineering is the common thread that connects the most deceptive ad scams,” said Siev. Those ads look just innocuous enough to evade scanners and publishers’ in-house quality controls, he explained. “Cybercriminals attempt to appear legitimate and build trust with online audiences.”
Siev provided five tips on how to identify and avoid fraudulent deals:
- Acknowledge that differences exist between ads and editorial content. Ads with salacious text or imagery are red flags.
- Do not click on ads with mix-matched fonts/characters within the same sentence. To bypass text-recognition mechanisms, scammers replace English characters with special symbols.
- Beware of cloned sites with mistakes in the domain name that mimic the branding of reputable sites. They are probably malicious.
- Look for fake comments that attempt to build trust in the deal/product/offering.
- Do ample research on the advertiser/brand before sharing credit card details. Only buy products/services through verified companies/sellers.
Don’t Take the Clickbait
Phony content, or clickbait, is a tactic used to catch viewers’ curiosity so they click on a link. It is a strategy that easily snags people who fall for almost anything. Often, clickers end up on malicious websites.
Clickbait uses cognitive tricks to get clicks. Typically, it involves emotional manipulation appeals to impulsive emotions such as fear, excitement, curiosity, anger, guilt, and sadness. Learn to spot clickbait in all its forms and communicate directly with website owners when they face a bad ad, Siev suggested.
Financial scams often connect to trending news like cryptocurrency and government support programs. The goal is to trick internet surfers into sending money or sharing personal information.
“Having recognized the power of clickbait, cybercriminals, fraudsters, and wider advertising entities now aim to shock, scare, and emotionally manipulate online users through sensationalistic ad creative. Fake celebrity endorsements, outrageous claims about medical and financial products, sexually suggestive images, misleading messages are all current staples of clickbait,” Siev offered.
Click Bots Work Against Shoppers and Sellers
About 56% of website owners found clickbait on their sites last year. Only 9% of website visitors reported inappropriate ads directly to publishers through customer service or social media.
Website owners should keep in mind the legal and brand obligations to ensure that the ads they host and the landing pages to which they lead meet their standards for brand suitability, said Siev.
“That includes ensuring that ad creatives and landing pages comply with regulations on truth in advertising, fraud prevention, and other issues for which a site hosting a non-compliant ad could be held legally liable,” he added.
For brands, fraudulent activity is driven by a monetary gain in publisher click fraud, inflated metrics with influencer or affiliate fraud, or directed costs for competitive click fraud, Edgemesh’s Loveless explained.
“Criminals are trying to either gain advertising revenue with bot-driven clicks, gain importance by driving a high rate of bot-based clicks, or intentionally targeting competitive ads to increase costs and ultimately wasting ad budget,” he said.
Self-Protection Steps for Brands
The starting point for brands to protect against fraud is always to measure the level of the problem, suggested Loveless. Often this can be done by looking at the ratio of engaged users versus non-engaged users.
In an efficient online store, this should be about 80% plus. From there, adding inline protection and an IP reputation system to identify invalid traffic is the next step.
“Finally, brands need to tie identified bad actors back into their ad targeting systems, effectively building a real-time adaptive system to stop showing ads to networks/publishers/endpoints that are known sources of fraud,” he recommended.
With the approach of the holiday shopping rush comes the most competitive ad season of the year. There’s no better time than now to start ensuring every dollar of ad spend is put in front of customers rather than bots and bad actors.
“The base cost of advertising and total capital deployed naturally increases in Q3 and Q4. Now is the time to make sure your bought traffic is not bot traffic,” Loveless concluded.