With the holiday season just around the corner, Aussies are gearing up for the year’s biggest shopping spree, out to score great deals. Over the six-week lead up to Christmas, shoppers are expected to spend more than $69.7 billion – a significant part of it online, especially during Black Friday and Cyber Monday sales.

This year’s Black Friday/Cyber Monday weekend is on track to break records, with Australian shoppers anticipated to spend a jaw-dropping $6.7 billion, 5.5% increase over 2023.

More Australians are shopping online now than ever before. According to Australia Post’s latest eCommerce report, 4 in 5 Australians shopped online in 2023, a 1.4% rise from the previous year. But as online shopping grows, so does the risk of scams.

“As we head into peak shopping season, scammers are ramping up their tactics, preying on deal-seeking consumers,” says Mark Anderson, National Security Officer at Microsoft ANZ. “While shoppers are becoming more aware of common scams, these tactics are evolving. New technologies like AI make it easier for scammers to operate and harder for people to detect these schemes.”

With over 143,000 scam reports already this year, it’s more important than ever for shoppers to stay vigilant. “We all need to stay alert during this time to avoid falling victim,” Anderson adds.

High-tech scams to keep an eye out for this holiday season

Whether it’s through sophisticated video manipulations or enticing but deceptive online offers, scams can be incredibly convincing and easy to fall for.

Microsoft’s latest Digital Defence Report highlights some of the scams you should watch out for this holiday season, including:

1. Deepfakes

With AI-driven deepfake technology, scammers can create realistic fake videos and audio that impersonate trusted individuals. They might use fake video calls or voice messages from familiar sources like friends or family members, tricking users into sharing sensitive information or making unauthorised payments.

To protect yourself, always verify unusual requests by contacting the person directly, and be cautious with links and attachments from unknown sources. Look for signs of manipulation, like unnatural movements in videos, and consider using multi-factor authentication for added security.

2. Techscams

Techscams often involve fake tech support pop-ups or calls that appear after visiting certain shopping sites or clicking on ads, impersonating companies like Microsoft or Apple. They convince shoppers to share sensitive information or pay for fake services to “fix” non-existent issues.

Other techscams create fake shopping deals or impersonate well-known retailers, luring shoppers to fraudulent sites where they unknowingly enter payment details or make purchases that never arrive.

Microsoft’s report highlights that techscams have led to significant financial losses globally. In fact, techscams can impact wallets up to ten times more than traditional phishing attempts, making it crucial for holiday shoppers to stay vigilant and double-check the legitimacy of offers and websites.

3. QR code phishing

While QR codes are a convenient way to share and access information, they can also lead you to fake websites designed to steal personal information. These sites can direct you to a fake sign-in page where you could unknowingly enter your credentials, potentially bypassing security measures like multi-factor authentication.

To avoid these, be cautious with QR codes from unknown sources and always verify requests for personal information.

Top tips to stay safe this peak shopping season

Mark Anderson, National Security Officer, Microsoft ANZ shares tips to stay safe

1. Avoid clicking links or attachments

During the holiday season, scammers capitalise on our search for good deals. If an email or text offers deep discounts, tight timeframes to take an offer up, or unusual availability for an item that is sold out everywhere else, it could be a scam. Play it safe: don’t click on links or open attachments in SMS or email. Instead, go to the retailer’s website directly and see if the offer checks out.

2. Be sceptical, even with familiar contacts 

Phishing messages are more convincing and harder to identify than ever. Be cautious with unexpected texts from friends or family members asking for money. Or an email from your bank asking for your personal details. Always apply additional scrutiny and double check directly with the sender before doing what they requested, opening or downloading an attachment, or replying back to their message. Fake invoices are another common trick used to prompt unauthorised payments or downloads.

3. Use unique passwords and multi-factor authentication 

Consider using a password manager to help store your strong, unique passwords securely for each site. Also, enable multi-factor authentication wherever possible. I can’t stress enough how this simple step can be what will save you from a scam. This adds a second layer of security, which Microsoft reports can block 99% of password-based attacks. However, be wary of unexpected multi-factor authentication alerts, as these could indicate an attempt to breach your account.

4.Report suspected scams to authorities

If you think you’ve been scammed, act quickly. Contact ID Support NSW on 1800 001 040 or visit https://www.nsw.gov.au/id-support-nsw. The Australian Cyber Security Centre (ACSC) also provides assistance through their 24/7 hotline at 1300 CYBER1 (1300 292 371) or by reporting online at https://www.cyber.gov.au/report-and-recover/report.