Now that Black Friday is here, it’s clear that the dangers facing online shoppers are greater than ever. The latest reports show that scam websites have increased by 89% in the past year and almost 80% of shopping offers that arrive in inboxes are fraudulent. We’ve even seen Google search results being poisoned to send traffic to dangerous websites.

ForbesiPhone and Android Alert: This scary new hack will break your phoneBy means of Zak Duffman

It’s no surprise, then, that the FBI has released a new warning for online shoppers, outlining which merchants to avoid on Black Friday, Cyber ​​Monday, and during the holiday season. For all users of Chrome, Safari and Edge, who control 95% of the US browser market, this is an essential checklist to stay safe.

The FBI’s advice on which sellers to avoid boils down to seven key points. Consider this your online safety check this holiday season – don’t take any chances:

1. Do not purchase from websites until you have carefully checked the URL to ensure it is legitimate and safe. Websites should have the telltale secure connection padlock in the address bar and https at the beginning of the full address. If the website is not secure, the URL is clearly incorrect, continue.
2. Don’t buy from a website for the first time before you’ve done some research and checked all available online reviews. Keep in mind that reviews can also be faked, so don’t gloss over the first one you come across.
3. If you use an auction site or a similar marketplace, “be wary of sellers with predominantly unfavorable feedback ratings or no ratings at all.” You want sellers with a high number of completed transactions and favorable reviews.
4. Don’t buy from sellers “who act as authorized dealers or factory representatives of popular items in countries where such deals do not exist.” This is a well-known scam where these storefronts take orders and rarely ship goods, while the goods they do ship are usually counterfeit.
5. Also beware of sellers “who post an auction or listing as if they live in the U.S., but then respond to inquiries by stating that they are out of the country for business, family circumstances, or similar reasons.” Again, this is a typical scam where the seller will provide a plausible excuse for having a foreign address or phone number. Go on.
6. Don’t buy from websites that specify unusual shipping arrangements or offer to avoid customs checks or fees, or buy from sellers you don’t know ask for direct money transfers. Always use a credit card that offers extra controls and protection.
7. Do not pay for items you purchase with prepaid gift cards. As the FBI explains: “In this scam, a seller will ask you to send him a gift card number and a PIN. Instead of using that gift card for your payment, the scammer steals the money and you never receive your item.

According to Check Point’s cyber research team, “cybercriminals are working overtime – with Black Friday and Cyber ​​Monday approaching, threat actors are ready to take advantage of consumers hoping for the annual discounts.” The team warns that the “increase in the number of websites related to Black Friday this year is 89% higher than the increase in the same period last year… Almost all of these sites imitate well-known brands, and almost none are classified as ‘safe’.”

Check Point offers a similar five-point checklist to the FBI’s:

1. “Check URLs carefully for misspellings or unusual host domains.
2. Make sure the URL starts with ‘https:// and shows a padlock icon.
3. When emails arrive, reference the sender on emails you know are genuine. Don’t click on anything you’re not sure about.
4. Do not blindly click on QR codes.
5. Never enter unnecessary data, such as your social security number, and avoid entering additional information, such as your birthday, where it is not required.”

Check Point also provides some examples of the types of URLs designed to trick users into visiting fraudulent websites:

• Stüssy (Steatwear): stussycanadablackfriday(.)com
• Longchamp (bags): longchampblackfriday(.)com
• Wayfair (online home store): wayfareblackfriday(.)com
• SOREL (shoes): soreloutletblackfriday(.)com
• Crew (retail): jcrewblackfriday(.)com
• IUN (shoes): blackfriday shoe(.)top

The extra attention to phishing is crucial. This holiday season, Bitdefender warns that “cybercriminals have wasted no time trying to capitalize on the madness,” with as many as 3 in 4 Black Friday-themed marketing spam emails now actually a scam designed to scam you out of your scam money or even install malware on your device to steal your credentials or data.

ForbesSamsung updates millions of Galaxy phones: you have 24 hours to install thisBy means of Zak Duffman

This year we’ve seen a flood of AI-crafted phishing lures that make impersonating a popular, trusted brand all too easy. And these enticing, time-sensitive offers can be sent to email addresses on an industrial scale.

“Remember,” the FBI warns, “if it seems too good to be true, that’s because it is.”