Online Shopping Festivals-Things to Do Before Clicking on Add to Cart

Online sales are a huge rage these days! E-commerce firms are competing with each other to offer consumers the best deals possible. Sales carry attractive taglines like Up to 70% off, Midnight Flash Sale or Festive Discount. What could be more convenient than shopping comfortably from just about anywhere at any time?

Unfortunately, cyber criminals are also loving online shopping as it gives them an opportunity to harvest personal and bank/card details from unsuspecting consumers.

You might have come across one or all of these ads listed below, either on Facebook or WhatsApp or Pop-ups on different websites:

  • Super- Dhamaka offer!
  • Get free 4G internet for today only!
  • Share this sale link with 10 friends and stand to win an iPhone 7s

Sounds familiar? Perhaps you have clicked on the links and checked out the offers, and not just you, many other judicious net users too are lured by such tempting offers and proceed with purchasing.

The popularity of social media has made it a very useful scamming platform for cybercriminals, as messages are shared quickly and widely, especially since people tend to believe in messages sent by friends and then fall victim to phishing scams. Like this one below which was making the rounds last year:

Breaking News, Now Buy 16 GB Pendrive at Just 19 Rs. Buy It Now Before Sale Ends. Cash on Delivery Also Available. Visit  now

Fraudsters usually like to piggy back and leverage genuine ongoing sales to scam users. So, the moment reputed e-tailers like Amazon, Snapdeal, Flipkart start their mega online sales, there is likely to be a plethora of hoax websites and links shared via social media to direct users to these false sites. And scammers have become quite proficient at creating sophisticated and genuine looking websites that can trick a regular buyer too.

Does that mean you avoid buying anything online? NO WAY! I love it and I am sure you do too.

 Things to do before you start filling up your online shopping cart:

  • Check the security of your internet connection: First thing to do as an unsecured connection like public Wi-Fi can make it easy for hackers to steal your details
  • Check device security: Ensure you are using comprehensive security software to keep your device secured.
  • Check domain name: Before you click on the link, check the URL. For example, is quite different from
  • Check offers: Too good to be true? – It probably is. Cross check prices with other sites and with product review columns. Do you really believe an iPhone 7s can be priced at only Rs. 15,000?
  • Check refund and return policies: Read the T&Cs and the return policies and check the star rating of the seller. Proceed only after you are satisfied.

Cyber safety tips for, you, the smart online buyer:

  • Ignore emails from unknown sources: do not try to unsubscribe from these unsolicited emails. You could be just letting the scammers know that your email address is active. Mark as spam and move on.
  • Be suspicious: It’s good to doubt claims that seem too good to be true, and messages that contain too many words in capital, e-mojis and grammatical errors.
  • Be aware: Keep track of ongoing sales, hoax messages doing the rounds, and new phishing scams.

Knowledge is power and if you approach the shopping festivals armed with secured devices and updated info on scams, you will smartly avoid the honey traps set up by cybercriminals. Have a safe and secure online shopping experience!



E-Filing Your Tax Returns? Let It Not Tax Your Security

How many of my readers are aware of Digital India campaign? Yes, I am sure just about everyone has come across the government’s active effort to ensure India is ready for the future. It aims to make the majority of the government services available to every citizen, and online filing or e-filing of income tax returns is one such service many benefit from. It is simple, quick and convenient, and even offers special provisions for those who have missed the deadline. You probably are familiar with the system and have been using it over the past few years to file your returns.

However, there is one small hitch; cyber criminals are trying to leverage this to launch phishing attacks on unsuspecting users in an attempt to exploit them. Scammers dupe unsuspecting victims to part with their bank details and passwords through emails purportedly from the IT Department, and siphon off money from their accounts. Or, they may simply steal identity details and misuse them. It is therefore necessary to know how to identify a genuine email from the IT Department (check address, logo, content, grammar, salutation).

To state a common example, hackers send emails confirming returns and ask you to click on a link to fill in details like bank account number, password, date of birth etc., to process the return. Others scams include the “Income Tax Receipt” and “Verify PAN details”. The recent W-2 phishing attacks in the US are examples of scams where the TDS details of several employees were obtained via phishing. Taking cognizance of the rise in cyber frauds related to e-filing, the Department of Income Tax issued an advisory to protect unsuspecting users from phishing scams, in which it is clearly stated,

The Income Tax Department NEVER asks for your PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts through email.”

Here are a few suggestions to make your entire e-filing experience a smoother and safer one.

  • File way before deadline: You got to pay it, so pay up in time. If you delay and then have less time to complete the procedure, you will hurry and in the process may become less cautious.
  • Share personally identifiable documents with care: Be careful of who you share your identity documents with, including photocopies of your PAN and Aadhaar cards. These can be misused to create false identity
  • Do not trust links or zip files sent via e-mails: Do not open zip files or click on links even if the mail appears to be from the Department of Income Tax. If you want to know your refund status, check on the official website using your personal login credentials
  • Ads can be misleading: No free lunches, remember? An advertisement that offers to make the whole e-filing process seem like a cakewalk may actually be a phishing attempt. Consult a tax advisor or a trusted friend, but not an unverified site.

Smell something fishy? It probably is: You will never be asked to share your net banking password, email login details or your PIN while e-filing. Sound the mental alarm if any website asks for these. Though your email service will offer spam filter, hackers are becoming smarter. They are designing mails that look very authentic to penetrate your trust. I am sure that by now you all are using the amazing free tool McAfee WebAdvisor from Intel Security. Follow its advice on secure and suspicious sites to be better protected from online scams. The Department of Income Tax, Government of India, advises users to Use anti-virus software, anti-spyware, and a firewall and keep them updated.

While tax season is a particularly vulnerable time, security risks exist year-round. In order to prevent private information getting into the wrong hands, choose security options that are easy to use and mobile-friendly. Don’t let Tax, Tax your security 😉

True or Fake News? Know How You Can Separate Truth from Fiction Online

In the good old days, it was very easy to separate truth from fiction. Literature was clearly marked and newspapers offered facts. Those who told tall stories, or tabloids that indulged in sensationalism, were generally known and their words were taken with a grain of salt.

People are increasingly taking to the internet to get their daily news dosage. While some subscribe to websites to read newspapers and magazines, others like to browse through WhatsApp, Twitter, Facebook and other social media sites to get the latest headlines. In the connected era, false news gets dissipated widely via social media. As these stories are easy to understand and sensational, so they have a greater appeal to the masses. And the ones you believe are true, you are very likely to share it online or through chat apps, thus becoming a newsmaker yourself.

So think about it, is everything that you read online, really true? Not always.

Take for instance this piece of ‘news’ that a friend shared on Valentine’s Day, “Shahid Bhagat Singh was hanged to death on this day. Let’s mark this as Remembrance Day.” She really believed this to be true and thought it was her duty to make it common knowledge.

Or the following,

  • UNESCO declares Jana Gana Mana as the best national anthem in the world
  • Delhi man loses 30 kg in three weeks thanks to this superfood

And not surprising at all, all of this ‘news’ is fake.

The fabricated stories are designed to look authentic and intended to either make money by attracting high traffic to the site or to endanger trust.

Should you be worried about fake news?

Can you imagine the effect of fake news on impressionable tweens and teens? Ideally, this part of cyber safety education could be taught in junior school, to ensure children grow up informed and aware that one needs to STOP.THINK.CONNECT. But until that happens, parents need to educate them and for that it is necessary they themselves are aware.

So, time we find out how to identify fake from real and stay clear of them. Always look out for the following signs of danger:

Domain Name:

  • The name is a clever imitation of a genuine site, for e.g., ‘wikipidi’
  • The message contains a link that directs user to another site, which may contain malware

Tip: Don’t get foxed by the fancy looks of a site. Go to the official webpage and verify.

Source of publication:

  • If the source is unknown or anonymous, flag it.
  • If it contains a disclaimer at the end, like “forwarded as received” can you really trust the message?
  • Personal blogs reflect the opinion of the blogger and may or may not be a rational one.
  • Reports and thesis with grammatical and factual errors reveal that the content has not been researched well and may contain factual errors

Tip: Adhere to reputable and official news sites that are known to follow ethical practices of journalism and avoid sensationalism. Cross-check facts.

Your role as a responsible and digital literate person:

  • Be aware: Double check content with well-known sources and cross-verify with other sources
  • Be skeptical: If you feel any content is a hoax, cross-check and then report it. Facebook allows you to do so, as do many other platforms
  • Be sure: Don’t play accomplice, verify before sharing.
  • Be careful: Do not click on links sent via social media without ensuring its authenticity
  • Be dutiful: Educate others when they share incorrect news and report it.

Last but very important, always use comprehensive security software on your device to safeguard your digital life. Fake news often contains cookies and malware intended to harm your device and steal information. It is more difficult to identify fake links and websites on a mobile phone, so you need to secure your smartphone and tablet too. Your security solution will guide you around safe and unsafe websites and help you make the right choice every time. You may also download the free tool, McAfee WebAdvisor, here.

With practice, you will become adept at separating the grain from the chaff. Remember the cybersafety mantra- STOP. THINK. CONNECT. – and practice it.

Stay protected and stay Cybersmart!