Beware of fake retailer apps when doing your shopping
Scam Prevention
Canadian Bankers Association

Shopping online? Watch out for fake websites and apps that steal your info

Article

Using a retailer’s online website or app is a great way to avoid the crowds in shopping malls. However, criminals are taking advantage of the popularity of online shopping by creating fake websites and apps that look authentic but are really just a ploy to steal your credit card info and personal information.

How this scam works

Scammers create online shipping websites or an app that has a similar look and feel to genuine retailers under an intentionally misleading, legitimate-sounding name. These websites and apps are often just a front to steal your credit card details and sensitive personal information.

Signs of a fake shopping website

  • The URL doesn’t exactly match the official website, even by a single different character
  • The site looks poorly designed, unprofessional and has broken links
  • You can’t find an address or phone number for the business
  • Sales, return and privacy policies are hard to find or unclear
  • The back button is disabled - you get stuck on a page and can’t go back
  • You’re asked for credit card information anytime other than when you are making a purchase

Signs of a phony app

Major app store platforms like Apple’s App Store and Google’s Play Store monitor content and routinely remove malicious apps. But you still need to be vigilant about the apps you download.

  • The name of the app publisher (typically displayed under the app’s name) is close to the retail app you’re looking for, but not quite right
  • The app has a poorly written descriptions or doesn’t have any user feedback
  • The app requires an excessive number of permissions for installation
  • The app has a lot of pop up ads or you are constantly asked to enter personal information

Protect yourself while shopping online

  • Shop with reputable and trustworthy retailers that provide a street address and a working phone number
  • When looking for the shopping app of your favorite retailer, visit the retailer’s website and look for the link to their legitimate app there – don’t just search through the app store
  • Look at the URL of the website to see if it starts with "https" and displays a padlock icon in the address bar. If it begins with "https" instead of "http" it means the site is secured using an SSL Certificate (the s stands for secure)
  • Never respond to pop-up messages on a website or app that asks for your financial information
  • Use your credit card and avoid websites and apps that request payment by wire transfer, prepaid debit or gift cards, cash only or through third parties
  • Avoid online shopping and banking while using public wifi, or if you must, use a virtual private network

Related Articles