It’s time.
A few times every year, Amazon and other online retailers gear up to drive their ink into the black by trying to offer exactly what you want at the price you’re willing to pay during sales like Prime Day. It’s an important day for many businesses as well as the economy as a whole — spending money seems to make the world go ’round.
It’s also a favorite time of year for scammers and thieves. Unfortunately, it’s not legal to corral them all up and make an old-time Celtic bonfire, so to them, it’s worth the time and effort to try and steal your stuff or your money. You can avoid it.
One of the web’s longest-running tech columns, Android & Chill is your Saturday discussion of Android, Google, and all things tech
I hate having to write about this, but I hate scammers and their filthy tricks even more. While they’re always out there looking for a victim, big pre-planned sales like Prime Day bring them out of the woodwork. Flies, manure, and all that.
What you need to know is how they operate and the easy-to-spot tricks they will try to pull. Everyone can get scammed or robbed, but people who aren’t paying attention are the best targets because the easy methods often work; besides being crooks, scammers are usually lazy too, and will look for the easy way every time.
That means it’s pretty easy to avoid most of the garbage with a healthy level of paranoia.
Phishing and what to look for
When millions of packages are on their way to millions of people, scammers know it’s a great time to trick you into handing over your information. Be wary of any messages you get about the things you bought or are looking to buy, or from an online retailer about your account.
The first thing to do is check who it’s coming from. If an email says it’s from Best Buy or Amazon, but it came from some random bullsh*t place like backup-mailer.com, it’s fake. Best Buy emails come from bestbuy.com, Amazon emails come from amazon.com, eBay emails come from ebay.com, etc.
Also, look at why the message says you need to take action. It’s easy to grab a few images and forge an email, but a scammer doesn’t know what you bought or when you bought it. The same goes for delivery companies — UPS might need to send you an email about a package it has to deliver to you. If they do and it’s legit, it will be for something you actually ordered from a website you actually used and will be from UPS’s actual website, not some random place.
You also typically need to create an account to make a purchase from an online retailer. That means scammers know you probably have an Amazon or eBay account, and it’s common to see a fake email that sends you to a fake website that looks just like the real thing, where it asks you to sign in.
Once a thief has your username and password, they’ll order stuff that ships quickly using your real payment method. They get free stuff, and you get to try and fix the mess — it’s a lot easier to look closely at a message and be sure it’s legit.
Remember — never trust a message unless you know who it came from. Retailers like Walmart or Amazon have their own infrastructure and won’t farm out a company that uses a goofy web domain to provide customer service.
Your credit card number is the same as cash
Sometimes, you find a great deal from a website that’s not a household name. This is especially true for specialty products — I like to try and buy from small retailers whenever I can to help support them. I’m always on the lookout for a great deal, but supporting people without a billion dollars in the bank is important to me, too.
Unfortunately, you can’t really trust the people behind a website to have good security in place, and sometimes, you can’t trust the people running a website at all. Credit card numbers are literally money, and they’re far too easy to steal.
There are a couple of ways to prevent this, and the easiest way is built right into your phone. If a website gives you the option to use Apple Pay or Google Pay, use it every time you buy something. Klarna recently announced Google Pay integration, so you can use your virtual card to pay later for things, which is great.
PayPal is another option that hides your credit card number, and many online retailers, big and small, accept it. I know many people don’t like PayPal for one reason or another, but it is an option, and it will keep some ne’er-do-well from getting your card number and security code.
It is also worth checking if your card provider offers the option to use a virtual card. These links directly to your account, but they use a randomly generated number and special software to authorize purchases and are pretty foolproof.
Sellers can be scammers
I hate to say it, but a lot of products you see at online retailers (Amazon in particular) are from sellers that really shouldn’t be allowed to be there.
These aren’t first-party sellers. For example, you can buy a new Galaxy S25 on Amazon from Samsung, Amazon itself, or someone else who might not be as trustworthy. Always buy from a name you know and trust whenever you can. That goes for lower-priced items like cables or phone cases as much or more than big-ticket items like a phone or a laptop.
Third-party sellers who aren’t legit do two things to try to trick you. First, they will assemble a lot of fake reviews that simply give a high star rating or use a few short words like “Great!” or “Good seller!” to make you feel more trusting. It doesn’t take a lot of fake reviews to drive the rating up, even if there are some more legit and worse reviews posted. Always take a peek through the product reviews before you click to see what you’re looking at and who is selling it.
Unfortunately, it’s also easy to farm fake reviews by offering to give away products to anyone with a webcam and a willingness to lie for free junk. These are harder to spot, but they often don’t read like they’re very genuine, because they’re not.
Another trick is to slowly increase the price in the weeks and months leading up to the Prime Day, allowing them to offer a bigger percentage off and claim it as a deal. If a product usually sells for $10, getting it for $8 is a nice deal. If the price is increased so that the $10 product is listed for $18, it looks like a super deal when it’s listed at $8.
Use services like ReviewMeta to help you make better shopping decisions!
Packages are like a magnet for thieves
A few years ago, I had a visit from a Porch Pirate, and I was mad as hell about it. What they stole — it was a bag of cactus potting soil — wasn’t important, but it was my cactus dirt. I hope their plants choked on it.
To fix the problem, I bought a Yale Smart Delivery Box. It’s a large bin with a smart lock, and the delivery person drops off my items in it, where they stay safe until I retrieve them. Maybe cactus dirt doesn’t need high-tech protection, but some other things we order do.
You probably don’t need to buy a big box to protect your packages because you live close to a locker of some sort. You can find an Amazon Locker in most places, and UPS has them, too. You can also have your packages held for pickup at the post office or delivery company, or have them sent somewhere like The UPS Store. The packages stay safe and out of the weather, so you can pick them up when you have the time.
If you live out in the sticks as I do — at the time, the closest locker was about 30 miles away — you should invest in your own smart locker if you buy a lot of stuff online. Thieves are especially interested in porch boxes this time of year.
Another great way to deter package theft is with a smart camera. Something like a Nest Doorbell is conspicuous and will capture a person trying to steal your stuff. Thieves know this and will often skip houses with a big video camera or doorbell pointing at them.
AI makes it too easy to steal from you
Google, Meta, OpenAI, and all the rest have made it a lot easier to steal from you by using AI to do it. There is nothing anyone can do about that; when you make technology “smarter,” people will find a way to use it to hurt other people.
AI can do everything I’ve talked about here. AI can easily send out thousands of phishing emails or RCS messages every day, and if even a few people get suckered in, it was worth it because AI is a lot cheaper than an army of crooks with keyboards.
AI can be programmed to harvest credit card numbers or account details from computers and systems infected with malware. It’s actually really good at it because those details are unique and stand out.
AI can even be used to track the movement of packages, so someone knows when that big boxy Amazon truck is in your neighborhood.
Worst of all, AI makes it easier to do this if someone is willing to figure out how to ask the right things.
AI goes a step further, though. Imagine getting a message from your spouse saying they can’t remember the Amazon password. It could even be a voice mail message using their voice. AI makes this simple to fake.
I’m serious — I could do it. If I can do it, that means people smarter and more crooked than I can do it even better, and they are. With enough time and effort, you can get a phone call or a message from the right person, originating from the right place, asking for just about anything.
You can avoid this. If I were to get a message from my wife asking for a card number or a password, instead of answering it, I’d pick up the phone and call her. Only after knowing that I was talking to my wife would I entertain the idea of sharing my information.
The same goes for a shipping company like UPS or an online retailer. Never click a shortened URL link that can go anywhere, even if you’re sure it’s legit. Pick up the phone and call a real customer service number. I know everyone hates talking on the phone but it just might save your ass.
Now go on and spend more than you can afford on things you didn’t really need anyway. Just be a little wiser and less trusting because it’s that time of year again
Source link
