Compras Inteligentes: como evitar fraudes nas compras online durante a Black Friday e festas de fim de ano

With increasing digitalization and the interconnection of devices, cyber threats have become increasingly sophisticated and varied, representing a significant challenge for consumers and businesses worldwide.

A survey commissioned by Mastercard to Datafolha reveals that seven out of ten Brazilians have already experienced some digital threat, and 13% have had their data leaked.

According to the edition of the “Digital Security Barometer,” released in 2024, 64% of Brazilian companies are targets of fraud and digital attacks with medium or high frequency, representing a 7% growth compared to the first edition of the study, released in 2021.

“The second half of the year is a period when online shopping intensifies, due to dates such as Children's Day, Black Friday, and year-end holidays. Therefore, it is necessary to take extra care,” says José Luiz Assoni Jr., Master Solutions Integrator Analyst at Softtek Brasil, a leading multinational in the IT sector in Latin America.

Some of the most common cyber threats in online shopping are:

• Phishing: a digital bait where criminals send emails or messages posing as trusted companies to deceive consumers and steal their personal information;
• Payment information theft: criminals use techniques such as fake websites or data interception to capture consumers' credit or debit card information during an online purchase;
• Fake websites: counterfeit copies of legitimate online stores, created to collect consumers' personal and financial data and make fraudulent purchases in their name;
• Ataques de Man-in-the-Middleattacks: in this method, criminals insert themselves into the communication between the consumer and the website to intercept and steal their confidential information, such as passwords and payment data;
• SQL injection: a hacking technique that allows criminals to manipulate a website's databases to steal personal information or even control the website;
• Credit card fraud: consumers' credit card data can be used to make unauthorized purchases, even if they have not provided this information directly to a malicious website;
• Credential theft: criminals collect stolen passwords from different websites and attempt to use them on other platforms to access users' accounts.

“These cyber threats exploit users” trust to gain unauthorized access to personal and financial information. It is essential to be aware of these practices and adopt security measures to protect your data during online shopping," explains Assoni.

How to protect yourself

Below, the executive lists some tips for consumers to protect themselves from these threats:

· Verify the authenticity of the website: confirm the address and look for security seals;

· Use secure connections: avoid public Wi-Fi and prefer HTTPS;

· Create strong and unique passwords: use complex passwords and enable two-factor authentication;

· Keep your software updated: install security updates;

· Use an antivirus: keep the antivirus updated and perform regular scans;

· Be wary of offers that are too good: if it seems unreal, it probably is;

· Do not click on suspicious links: avoid links from unknown sources;

· Use a virtual credit card: protect yourself in online purchases;

· Monitor your accounts: review statements to detect fraud;

· Perform regular backups: ensure backup copies of your data.

Assoni also warns about the role that social media plays in the spread of fraud, especially during Black Friday, and how consumers can protect themselves.

“Social media plays a crucial role, both positive and negative, during Black Friday. Among the main frauds that spread on social media during this period are misleading ads and promotions, malicious links, fake profiles and stores, phishing scams, and fraudulent giveaways. Additionally, there may be social engineering, which manipulates consumers into handing over confidential information,” warns the executive.

“To avoid these scams, consumers can adopt some practices such as checking the store's reputation and reading reviews from other consumers, as well as manually entering the store's website in the browser and verifying HTTPS, confirming if the site has the security lock. I also recommend using secure payment methods that have some protection factor, such as multi-factor authentication and tokenization,” recommends Assoni.

It is worth noting that online retailers should also take measures to protect consumer data and ensure secure transactions.

“Online security ranges from the technical protection of data to team awareness and transparency with customers. Some measures that online retailers can take to protect their consumers are encryption, protecting sensitive data during transmission using HTTPS, obtaining certifications and seals that prove the website's security, keeping it always updated and monitored to fix potential flaws, in addition to detecting and blocking suspicious activities,” he concludes.