meta tag

Last week, I willingly gave my name, address, phone number, and debit card info to a fraudulent website. You might think that someone like me would be immune to these types of mistakes. After all, I work for an IT company. I help educate people about their online privacy. My company works diligently to protect other businesses from online blunders. But my confession is a reminder that we are ALL susceptible to making mistakes. My hope in sharing this story is to educate you, the reader, on how to avoid the mistake I made, how to identify the mistake if you already made it, and share how I resolved it with minimal damage.

 

What Happened?

I was scrolling Instagram one day and came across a paid advertisement for a familiar company (or so I thought) that sells tennis equipment and apparel. I have purchased from this company on many occasions, and since I was in the middle of doing something else, I clicked the “Shop Now” button, which opened the browser within Instagram. They were touting their “End of Summer Sale” and I began to browse the items, not really looking for anything in particular. I came across a case of tennis balls (144 balls) for $26 plus shipping. That’s about an 80% savings over the normal price, and you would NOT believe how many tennis balls I go through in a year.

Eager to take advantage of this deal, I added the items to the cart and proceeded to the checkout. It should be noted that I was involved in another task, and wasn’t paying full attention. If I had been focused and vigilant, I probably would have caught the warning signs. However, the site looked exactly like what I expected – same branding, same colors, same general functionality. I entered my information – address, credit card, and hit submit.

I received an email confirmation almost immediately, as you would expect. That’s when I confirmed the little suspicions I had in the back of my mind and I KNEW I had been scammed, and that I had just given my information away to a fraudulent website.

 

How Did I Know?

Before I reveal what confirmed my mistake, let’s take note of all the red flags I passed along the way. Here is a list of the signs I missed that should have given me pause before giving my information away.

  1. I clicked on a “Shop Now” ad on social media. While many reputable vendors advertise on social media, the sheer numbers of people and somewhat low barrier to entry make paid social media advertising a desirable spot for fraudulent activity. I should have gone to my browser and gone to the website I trust to ensure it matched the site I was seeing on social media.
  2. The deal was too good to be true. I should have been more vigilant when being offered something at an 80% discount.
  3. I didn’t explore the remainder of the website, I only went to the landing page. Building one page of a website is pretty easy. When I went to double check things, I tried to explore the full site and found that there were very few other pages, and the pages that did exist were selling women’s fashion and raincoats, not tennis equipment.
  4. The checkout didn’t take American Express. I know some vendors only allow select credit cards, but a large tennis company selling things internationally would surely take AmEx, and this should have given me pause.

The final nail in the coffin was the confirmation email I received. I realized that the email domain did not match the website I purchased the tennis balls from. Instead of what I expected, it was a strange domain “tennis-expsale.com.” When I went to my browser and typed that domain, it took me to a site that was obviously not legitimate.

 

How Did I Fix It?

Unfortunately, by the time I realized the error, I had already given away all of my information and submitted my credit card details. Without hesitation, I drove directly to my bank, told them the error I had made, had them cancel my debit card and issue a new one, and disputed the charge. My bank was awesome through this process and took great care to ensure my resolution was swift and thorough. I also went to my Instagram browser history (in your profile) and reported the site as fraudulent so others wouldn’t fall prey to the same trap.

 

I hope this account has been helpful as a cautionary tale, a description of some telltale signs, and a list of action steps to avoid making the same mistake. Safe browsing out there!