Shopping on the Internet always deserves attention, but during Black Friday when thousands of consumers are looking for promotion, they increase website traffic and virtual stores, care must be doubled because they can spread false promotions, including through social networks and email, scams and theft of data. The promotion date will be this Friday (23).
According to Sylvia Bellio IT Line IT Infrastructure Specialist, hackers are always looking for opportunities to steal data or send viruses and at the same time use more access to virtual stores to attack. Therefore, before purchasing online, the expert warns that it is important for the device to be up to date, as recommended by the manufacturer.
"The update serves, among other things, to repair system crashes that can prevent possible attacks and viruses," he explains. According to her, besides updating, it is necessary to protect the computer with a high-quality antivirus.
Check out the 16 items to take care of at the time of purchase, and below, expert advice:
- Pay attention to open networks: Free networks may not be protected
- Find out if the site is safe: Make sure you shop on a secure page
- You have an antivirus program: Can detect sites containing malicious files
- Beware of passwords: use one for each registration
- Protect your credit card: Disable the option to save card data to the point of purchase
- Payment methods: Distrust of shops that only accept a transfer or ticket
- Promotion by e-mail: Watch out for incoming links, rather go directly to the store page
- Phishing reports"#: Check your address before tapping incoming links
- Social promotion: Beware of possible false pages to steal data
- Be careful at every purchase step: print from each purchase screen
- Smaller stores: prefer to those who have an intermediary as a payment system
- Trusted shops: Check the reliability of the stores on the claim pages
- Similar websites: always check the virtual address (link) of the page
- Fake trades: Watch out for pages from unknown stores that can make sales and not deliver
- Purchase by mobile phone: Download only apps from official stores
- False applications: Check the name, developer, and number of reviews when downloading applications
Instructions for experts:
1. Watch out for open networks
When accessing free Internet networks in public places, great care must be taken because there is no guarantee that they are protected. Procon reminds you that you will never run online transactions on unknown computers (rope houses, cyber cafes, machines, or public networks) because they may not be sufficiently protected. If you enter, be sure to keep the Store Log on page to prevent access and data from third party use.
Richard Bento, Head of Itaú Unibanco's Corporate Security Department, warns that when performing online transactions, you must use a computer with an up-to-date antivirus, browser and operating system and firewall enabled on known wireless networks with a password or private connection (3G or 4G).
2. Find out if the site is safe
When selecting a promotion website, you need to make sure it is on a secure page. The padlock symbol in the address bar on the left is one of the main indications that the site is official. To make sure the label is true, click it and wait for it to be redirected to the original page of the company that makes the certificate available, explains Bruno de Oliveira, an e-commerce expert.
Luiz Pavão, Director of Strategy and Marketing for Infracommerce, a full e-commerce service, recommends checking whether the address begins with httpwith: //. This helps prevent stolen customer data or credit card cloning, for example. Sylvia underscores the law that requires virtual stores to create visible company information such as physical address, phone number and CNPJ.
According to Julius Mendes, a good antivirus program will be installed on the computer or mobile device through which they will be purchased, helping to detect sites that contain malicious files, viruses, malware, or indications of hacker attacks. "So it's important to keep up-to-date. There are a number of free trial and subscription programs on the market today," he says.
Richard Bento recommends creating a unique password for each registry to prevent it from being personal data. "Never use the same password to access your bank or e-mail to register in stores," he says.
5. Protect your credit card
The card is one of the main targets of hackers. When filling in card data, a number of stores have devices that automatically store their data, always check and deactivate this option. This prevents your personal data from being stored and can go into the wrong hands if the web site of the store is hit by a virtual attack. "A good alternative is to verify if the bank already has a virtual card technology that offers another code for every online purchase," says Sylvia.
Richard Bento explains that a virtual card is generated from the application. The number will be valid for one transaction and for a certain period of time to prevent criminals from using it if they have access to the data stored on the site.
The form of payment the web receives may also be a warning sign for identifying suspect sites. "Transactions that accept only bank transfer or pillars become potential suspects, as they do not offer the possibility of later cancellation, and operators use more credit when using credit cards," says Paulo Cruz, a lawyer for consumer rights.
7. Email promotion
Luiz Pavão says that many fraudulent attempts come through fake emails with links similar to real-world pages that mimic the interface. "It is important to look at the path that led to e-commerce and when to get the name of the store into search engines," he explains. Also, when you receive an e-mail with promotions, you must first check the sender. It is important that in the sender's e-mail, after "@", the domain of the company that promotes the posting.
Julio Mendes, Soluti's sales manager, warns of an increase in unsolicited emails with offers and discounts. Therefore, it recommends accessing the site directly by entering an address in the browser.
If in doubt, contact the company via official channels and confirm the action.
8. Phishing News
Leonardo Carissimi, director of Unisys Security Solutions for Latin America, warns that incoming messages known as phishing, which were previously limited to e-mail, are now also common on mobile devices and sent via SMS and WhatsApp.
According to him, these messages come with click links and offer enticing promotions. Check them before clicking, place the cursor on the link to see the actual link, and make sure it looks legitimate or not. On the smartphone, the SMS and WhatsApp messages of unknown numbers are an important warning signal, but also watch the chain messages sent to friends or groups.
9. Promotion in social networks
According to Richard Bento, you must be aware of links that are published on social networks or through Whatsapp – they can redirect you to fake sites with the intention of stealing consumer data.
"Targeted ads that haunt us on social networks or on other sites we visit can also hide traps." "Contributions to promoting products from unfamiliar trades or absurd benefits should be subject to greater distrust," said Leonardo Carissimi.
10. Attention to every purchase step
Francisco Cantão, founder of Black Friday's Truth and partner in Proxy Media Marketing Digital, warns that given that the amount of information and transactions within 24 hours of promotion is huge, many sites can not process all transactions, lose orders in the way . This process facilitates the activity of criminals who want to steal banking data.
It is recommended that you be very careful at every step of the purchase, by printing on every screen you are viewing to prove that the order has been confirmed and paid. When checking, verify that the generated ticket matches the company and whether the card is in a safe environment.
According to Planning and Strategic Consultant Marcos Freitas, when shopping for smaller stores, the consumer should prefer users who have a type of payment system such as PagSeguro, PayPal or MercadoPago, as there is a procurement agent in the process of securing both customer data and intervention benefit the customer if this would cause a problem.
According to Sylvia, there are places where consumers evaluate the stores that are a good source for buying products from a particular company, as well as consumer protection agencies such as Procon.
Eduardo Ganymedes Costa, a consumer protection expert, recommends paying attention to whether e-shop addresses are correct, as digital criminals create websites with a similar address as the famous stores that have tricks to buy.
Tom Canabarro, co-founder of Konduto, which offers an anti-fraud solution for e-commerce, points out that the biggest dangers for consumers are in fake stores that usually appear during the black Friday.
"In recent years, we've seen a number of cases of fraud that followed a well-known travel plan: presumed e-commerce that offers highly sought-after products such as smartphones at a very affordable price by paying a ticket or bank transfer. sent, the place was gone, and the consumer suffered, "he says. According to him, besides these indications, there is another factor that can help in the identification of fake trades, mistakes in Portuguese, and inconsistent language.
When shopping with mobile phones and tablets, we recommend downloading only apps from official stores and taking care of applications that require suspicious permissions, such as access to contacts, text messages, administrative features, stored passwords, or credit card information.
Academic Digital Marketing MBA in the Getulio Vargas Foundation (FGV) André Miceli warns that users should always confirm the application background before downloading. "Try the developers, some malicious developers write bad tags to trick users," he explains. According to Leonardo Carissimi, it is recommended to enable localization features to help in case of loss and to erase all data in case of device theft.
He said it is important to make sure that the devices are up to date, including applications and the operating system.
Leonardo Carissimi warns against multiplying false applications. Recommends checking:
- app name and developer because counterfeiters use names similar to official apps;
- The number of reviews the app has (the fake app will have several reviews)
- the date of the release of the application (not the update), since fake applications tend to have a recently published date in the last period; and
- if the inscriptions are in the name or description.
If you have any doubts, go to the store's website to find out about the mobile app, including the download link from the official applications store for each operating system.
Last month G1 received a complaint from a reader who said they had entered the smartphone promotion through a social network that headed to Lojas Americanas. However, despite the beginning with https: //, the link to the site did not have the name Americanas, and started with www29.saldao-mes-das-criancas.com. The instrument price was about 1/3 of the original value. The only option was to pay with boleto bancário and the site accepted the initial registration of customers and new registrations. The American claimed it was a scam and withdrew from the airline's offer.
The company encourages customers to always check whether the site is www.americanas.com or www.americanas.com.br – the different electronic addresses of these companies do not belong to the company. If your ad has been submitted by email, you should check that the sender of the message is [email protected]; [email protected]; [email protected]; [email protected]; [email protected]; or [email protected]
According to the company, all products sold at Americanas.com have payment options for boleto bancário, credit card and AME Digital account. The brand also has a safety guide located at the bottom of the page, with tips and instructions for the customer to buy safely.
Among them, the company does not send emails with files or tickets; all payment cards are issued by Banco do Brasil; and does not require cadastral data or passwords via email, phone, or WhatsApp.