The link to the IT Security Awareness Quiz is at the end of the article. Complete the quiz for an entry in a drawing for one of five $50 Amazon gift cards. 

Over the past year, online shopping has taken a frightening turn. What was once a convenient way to buy goods has become riddled with scams, misinformation, and deception. According to Mastercard, last year, losses and damages from cyberattacks totaled $9.5 trillion, making cybercrime the third-largest economy in the world — and growing, thanks to the widespread availability of AI tools to supercharge scams and accelerate attacks.

The rise of deepfake technology is only one of many reasons why online shopping has become increasingly unsafe, shaking consumer trust and leaving shoppers vulnerable to fraud. Deepfakes are just the tip of the iceberg; unsafe practices, unchecked scams, and lax oversight have made online shopping a minefield for the unsuspecting.

For those unfamiliar, a “deepfake” is a form of synthetic media, such as images, videos, or audio, generated by AI, that depicts events or people that are not real.  It can sometimes be difficult to distinguish manipulated content from genuine information.

The Many Dangers of Online Shopping

Online shopping has always carried risks, but recent trends have amplified these dangers. Beyond deepfake scams, shoppers now face phishing websites, hacked payment systems, counterfeit goods, fake customer reviews, and malicious apps disguised as legitimate shopping platforms.

Take phishing websites, for example. Scammers create websites that resemble popular retailers, complete with logos, fonts, and layouts. Shoppers enter their payment details thinking they’re making a legitimate purchase on a presumed legitimate website, only to have their credit card information stolen. Similarly, mobile apps that claim to offer exclusive discounts or other enticements when clicked often contain malware designed to steal personal information or hijack banking apps.

Counterfeit products are another growing concern. Fraudulent sellers flood platforms like Amazon, eBay, and Etsy with counterfeit goods that mimic trusted brands. From electronics to pharmaceuticals, these counterfeits are not only a waste of money but can also pose serious health and safety risks.

Even legitimate e-commerce platforms are struggling to protect consumers. Hacked payment systems and data breaches have become increasingly common. For example, in 2024, several major online retailers suffered breaches that exposed millions of customer accounts, including credit card information and delivery addresses.

The Deepfake Dilemma

These methods of perpetrating fraud are not new.  What is new is the rate at which deepfake technology is being used to add a terrifying new layer to online shopping scams. Once limited to entertainment and political manipulation, deepfakes have now infiltrated the retail world. Using artificial intelligence, scammers can create convincing videos, images, and audio that are simply not real or true.

One notable example involves social media ads featuring deepfake-generated influencers or celebrities endorsing luxury goods, such as designer bags or skincare products. These ads redirect shoppers to fake websites that mimic trusted brands. Shoppers, believing they’re getting a great deal, unknowingly hand over their money to scammers.

Even customer service interactions aren’t safe. Deepfake-enabled virtual assistants are being used to impersonate legitimate customer service agents, guiding users to fraudulent payment portals or asking them to share sensitive account details.

How to Protect Yourself Online

While the dangers of online shopping are real, there are practical steps you can take to reduce your risk:

1. Stick to Trusted Retailers: Always shop directly from well-known brands or authorized sellers. Avoid clicking on social media ads or links you’re unsure about.
2. Verify URLs and Apps: Before entering payment information, double-check the website’s URL. Look for secure connections (HTTPS) and avoid sites with misspellings or odd domain endings. Only download shopping apps from official app stores.  Use the same skills you learned from being diligent against phishing in the workplace and apply them to your personal life.
3. Be Skeptical of Unrealistic Deals: If a deal seems too good to be true, it likely is. Research the product and seller before making a purchase.  Also, be skeptical of deals that will expire soon, i.e., whenever there is a sense of urgency to act now—a countdown clock or timer display, etc.
4. Look for Independent Reviews: Don’t trust reviews on the seller’s website alone—search for independent reviews on platforms like Trustpilot or Reddit.
5. Use Secure Payment Methods: Opt for credit cards or secure payment platforms like PayPal, which offer buyer protection. Avoid using debit cards or bank transfers.
6. Monitor Your Accounts: Regularly check your bank and credit card statements for unauthorized transactions. Report any suspicious activity immediately.
7. Use a strong password and enable Two-Factor Authentication (2FA): Protect accounts tied to your online shopping by enabling 2FA to prevent unauthorized access.
8. Don't auto-save your passwords or credit card numbers except in a reputable password management site like Keeper. The inconvenience of re-entering the information or entering you information into a password management site is insignificant compared to the time you would spend trying to repair the loss of your stolen information.
9. Don't respond to pop-ups. Ignore pop-up offers and deals. Just close them. Don’t respond, click links, or call the phone numbers. Similarly, don’t respond to pop-ups saying you need to prove you are a real person, buy anti-virus software, or software to “clean your infected computer.” These are all scams.
10. Disable Bluetooth, wireless, and Near Field Communications (NFC) when not in use. This will reduce the risk of your data being intercepted by thieves.

Final Thought

The convenience of online shopping has come at a steep cost. From counterfeit goods and phishing scams to the rise of deepfake-enabled fraud, the digital marketplace is teeming with threats. As consumers, we must arm ourselves with knowledge and skepticism, while holding platforms accountable for the safety of their users.

In the age of exploding scams and deepfakes, shopping online is no longer just about finding a good deal—it’s about protecting your money, your identity, and your peace of mind. By staying informed and practicing caution, you can navigate the chaos of online shopping and avoid falling victim to the growing tide of digital deception.

Remember: trust is hard to earn but easy to lose. And in today’s online shopping landscape, it’s worth guarding more closely than ever.

Take the quiz on avoiding holiday shopping scams. The prize for passing the quiz is one entry in a drawing for one of five $50 Amazon gift cards. 

Additional Resources

• Mastercard: When it comes to fraud, a sense of insecurity and even inevitability, global survey shows
• Cybersecurity & Infrastructure Security Agency (CISA): Online Holiday Shopping Scams
• National Cybersecurity Alliance: Online Shopping
• FTC: Free Credit Reports
• ScamAdvisor.com
• Kerry Tomlinson, Emmy Award-Winning Cyber News Reporter (and UC Berkeley Alum) site: https://ampyxcyber.com/news