Magazine

Christmas shopping: how to spot fraudulent E-shops and not lose money

🎄 With the arrival of the Christmas holidays comes the hustle and bustle when people are shopping for gifts for their loved ones. In many cases, they don’t even realise that they may be falling for a scam. We had a webinar on this topic in early December, which we decided to release and publish.


📱 The most widespread scam is phishing and its other types: smishing (scams sent by text message), vishing (the scammer contacts you by phone) and spoofing (the scammer can imitate any phone number such as a hotline of a bank or other institutions). The aim of all these attacks is to get your money.

🛍️ In addition to phishing, we should also be wary of places where we want to buy gifts, i.e. various online markets or e-shops. We always recommend that you first check the information about your chosen e-shop through reviews, the web domain, contact information or a preview of the terms and conditions. If you pay by credit card, you can try using the chargeback service in case of problems: https://www.duofinance.cz/chargeback.

⚠️ It is important to check that you find the name of the entity in the header, this information is often intentionally missing on fraudulent e-shops. Fortunately, there are websites such as the Czech Trade Inspection Authority’s database of fraudulent e-shops – you can also find this under the short link rizikove.cz

Here you can search for traders and check that the shop you are about to buy from is not registered as fraudulent. You can also use other platforms such as dTest: https://www.dtest.cz/eshopy

🏦 If you fall for a scammer, you need to report everything to your bank immediately via the contact centre or directly at the branch. The bank will ask you for a detailed description of the incident and then refer the matter to the relevant department, which also investigates cases in the context of international cooperation. In some cases of account-to-account transfers, the bank may intercept the money and hold it until the police have investigated the matter.

Where to report fraud at individual banks:

🚓 In addition to the bank, fraudulent behaviour should also be reported to the police, as only the police have the power to prosecute the fraudster for any criminal offence. The police recommended procedure can be found here: https://www.policie.cz/clanek/jak-nenaletet-pri-shaneni-darku-na-internetu-podvodnikum-nejen-v-obdobi-vanoc.aspx

⚖️ Remember that if the fraud is not reported to the police at the same time, there is no legal authority to take further legal action.

🏦 But beware of fake bankers! This is a relatively new but increasingly common type of fraud.

Fortunately, sometimes some scammers do manage to get caught – here, thanks to Jirka explaining things, which is an absolutely brilliant YouTube channel.

Gangs used to call their victims “mammoths”. The perpetrators responded to the posted advertisements promptly, especially via WhatsApp. They promised to pay for the advertised goods and, more importantly, to arrange for their transportation. They sent fake links to shipping companies and banks to the sellers.

When the contacted person entered relevant information such as name, password, authentication codes or credit card details, the perpetrators effectively took control of their online banking. They then withdrew money from their accounts.

Radim Dragoun, the chief prosecutor in Olomouc, added that the woman detained in the Czech Republic has the status of a cooperating defendant and is helping to uncover the criminal activities of other perpetrators. He said that she had paid the damage caused to the victims in the amount of CZK 2 million.

Source : https://www.irozhlas.cz/zpravy-domov/policie-ceske-republiky-gangy-internetove-podvody-inzeraty-weby-bankovni_2312061112_elev

🏦 It’s definitely a good idea to try and verify the banker – that way you can be sure you’re actually talking to someone from the bank and not a fraudster. Some banks here already offer this option. There was an interesting discussion on this topic, for example in this post on the X network.

The principle of this function is as follows:

The bank calls and wants you to make sure it’s really them, because there’s a lot of fraud going on right now. You open the app and direct sends a message to the caller with a unique code. Not in a text message, but directly into that banking app, so it’s not abusable outside of the bank. You ask the caller to read the code to you – it’s sent to you when the code is generated, but it also shows up in the calling carrier’s system. If the code matches, you are actually talking to someone from the bank.

As far as we know, this is what Česká spořitelna, Mbank, ČSOB and maybe other banks can do. If you have no way to verify the identity of the banker, we would prefer not to engage in any major transactions over the phone and visit a branch.

And how would you fare in the event of fraud? You can test this at: https://kybertest.cz