[Bee Cyber Fit intro]
Wendy Battles: Welcome to the Bee Cyber Fit Podcast, where we're simplifying cybersecurity for everyone, where we cut through confusing cyber-speak and make cybersecurity simple and easy to digest. I'm one of your hosts, Wendy Battles.
James Tucciarone I'm James Tucciarone. Together, we're part of Yale University's Information Security Policy and Awareness team. Our department works behind the scenes to support Yale's mission of teaching, learning and scholarly research.
Wendy Battles: Ready to get cyber fit with us?
Hey, everyone. Welcome to another episode of the Bee Cyber Fit Podcast. This is the place to come for engaging, information and a little inspiration to stay safe online. What we love is that this podcast is really easy to share, to your friends, family or colleagues who would be interested in learning simple, non techie things that they can do to be cyber safe. If so, please forward this along so we can get cyber fit together.
Hey, James, how you doing today?
James Tucciarone Hey, Wendy. I'm doing great. How about you?
Wendy Battles: I'm doing well. And I'm, believe it or not thinking about putting my holiday hat on because we're not that far from the holidays. I want to ask you a simple question. Do you do any online shopping during the holiday season?
James Tucciarone I definitely do my fair share of online shopping. Although luckily, I don't have that much to do during the holidays.
Wendy Battles: Well, that already sounds good because it sounds a lot less stressful. [laughs] So, good for you.
James Tucciarone Definitely.
Wendy Battles: I like that. What's great about our episode today is that we are looking ahead to things like Black Friday and Cyber Monday. As I've been seeing already, there are sales online. Retailers are doing their sales really early even before Black Friday, so you can get all these deals. So, we're going to be talking today about online shopping scams during the holidays. But to be honest, James, what we're talking about today applies all year long. Basic principles to help avoid online scams and we can't wait to share with you some really simple things you can do. We've got three calls to action at the end of the episode, that can help boost your secure online shopping acumen.
James Tucciarone Have you seen the one about Jon Snow apologizing for Game of Thrones Season 8? It sounds like the leading of a bad joke. But that video is actually one of the most well-known examples of deepfake. Intriguing and perhaps even astounding, deepfakes are increasingly common and easy to create. Stay tuned to learn more about the insidious counterfeits called deepfakes.
All right, so I'm going to get us started this week, Wendy. My story comes from across the pond, so published by dailymail.com. It goes something like this. "We have a teaching assistant from Northamptonshire who was doing some online holiday shopping for her daughter. She was shopping for Pandora products in this case, and she did a Google search for Pandora sale. She has selected a result that she believed was from the official Pandora website and she continued on with her shopping. She found a few items she was interested in, put them in her shopping cart and proceeded to purchase them. She used her debit card, spent around $60 or $70, nothing outrageous. But here's where things started to go downhill. The email receipt that she received went to her junk folder. When she opened the email, she saw a couple of other red flags. The email address was not from Pandora nor was the payee details of the transaction. Instead, it was a random name. And the amount that was charged was actually $5 or $6 more due to a foreign exchange rate. So, of course, she panicked, became suspicious, she tried to contact her bank. Unfortunately, the bank told her that because she had approved the purchase, it was unlikely that they would be able to help her to get her money back."
Wendy Battles: Uh-oh.
James Tucciarone Right. So, as it turned out, it obviously was a scam website and it looked almost identical to the real one. What really caught me was that it offered a full shopping experience. It wasn't like she went to a single product, got pulled in by that, made a purchase. She was able to peruse an entire website to find the items that she was looking for for her daughter. But what's really sad here is that the victim said that the purchases were intended as Christmas gifts for her daughter, and she used her debit card because she was using all the money that she'd been putting aside to cover her Christmas expenses. Can you imagine, Wendy
Wendy Battles: James, sadly I can. It's a really sad story. I certainly have had that horrible sinking feeling when you realize something's gone terribly wrong. You get that pit in your stomach-
James Tucciarone Right.
Wendy Battles: -and you just know, "Oh, shoot." It's the holidays, and money is tight for so many of us. So, I also can feel that disappointment she must have experienced when she was trying to get something for her daughter that she really wanted and couldn't. So that alone would be upsetting.
James Tucciarone Right.
Wendy Battles: Both the disappointment factor for her daughter and she can't get what she wanted to get. And also, having been scammed, so it's double disappointment. So, it's understandable how that can happen. I also know that feeling of elation, when you feel like you found a great deal.
James Tucciarone Right.
Wendy Battles: Right, because many times that's happened to me, and it was legitimate. So, you feel so good. You're like, "Oh, I can't believe, I got this great deal. I'm able to get this thing at a discount." So that part feels really good. So, I can see that the juxtaposition of these two feelings of that feeling when you order it, and you're like, "Yes, she's going to love it." And then that dreaded feeling when you find that something's wrong.
James Tucciarone Right. The high and the low.
Wendy Battles: The high and the low of being online. So absolutely, I totally can connect with what she might have experienced. I also know that you go to sites, you can think they're legitimate, I once went to a site that I thought was Kate Spade. Famous Kate Spade, katespade.com, there is an almost exact look alike site. That looks so much like Kate Spade and then you find out, it's not.
James Tucciarone Right.
Wendy Battles: There's so many ways that we can get into trouble. I will also tell you this that a few years ago, my husband wanted to get me something for my birthday, it's around the holidays, but instead of just buying it, he said, "Sometimes I pick up things and she doesn't actually like them. So, I'm going to have her pick out something." I go to the site, and the things look super cute, I saw all these things, I was like, "Oh, this is my kind of site." But something about it didn't seem right, even how some of the descriptions were written, it just didn't seem quite the full professional experience that I was expecting. Something told me go look in the return policy. When I looked in the return policy, it was very convoluted, "We might give you your money back after 28 days," but it just didn't sound like what you would expect from a major retailer where they make it easy for you to return things and it should not be this huge task.
James Tucciarone Right.
Wendy Battles: So those were some tip offs for me and have helped me learn a lot to be more careful and mindful. He was so grateful that he didn't just go ahead and purchase something because those are things he wouldn't have been looking for that same detail.
James Tucciarone Well, luckily, he asked you for your opinion that year and saved himself from falling victim to a scam himself.
Wendy Battles: Yeah.
James Tucciarone But I think you made a great point there, Wendy. When we're using unfamiliar or new websites, it's a great idea to check it out. Don't just look at the page that you're directed to, but dig a little deeper, look at the contact information, look at the return information, make sure that their site is fully filled out and there's content where you expect to see content.
Wendy Battles: Yeah. Absolutely, there are definitely things we can do before we just go to purchase something to look around, check things out as you said, be that skeptical shopper.
James Tucciarone Absolutely.
Wendy Battles: Then feel like we're making an informed decision. So, I really like that idea a lot.
James Tucciarone Yeah.
[music]
Wendy Battles: Let me tell you about my story. It's a short one. It's about another mom during the holidays, who wanted to buy a present for her child. In this case, her son gave her a link to a pair of sneakers that he wanted. You know, James, when your kids are little, it's great, because shopping is easy. They're just so happy to get the gifts. They're not asking for things in particular. But, of course, all kids grow up and get to that age where they want very specific things. And he had his eye on these old school Air Jordan sneakers. Now from this link, the sneakers were about $80, which is an incredibly good deal because you know how outrageous sneakers are?
James Tucciarone Absolutely.
Wendy Battles: The prices are so inflated, and these particular sneakers could go for as much as $600.
James Tucciarone Right.
Wendy Battles: So, $80 doesn’t that seem like a bargain sort of? [laughs]
James Tucciarone Yeah, definitely sounds like a bargain. My first thought would be like, "Well, have they been worn already?"
Wendy Battles: Right. There're all kinds of questions honestly, about that price when you think about sneakers, what a hot commodity they are, especially if they're like old school, so they might have more value.
James Tucciarone Right.
Wendy Battles: Which makes you think, "Hmm, maybe I should step back and think about this for a second."
James Tucciarone Step back, no pun intended.
Wendy Battles: [laughs] Exactly. She went and she bought them on Black Friday via PayPal. It all seemed good. She's crossing things off her list. And then all of a sudden, she looks up and she realized, "I never got the sneakers." We get busy, we kind of forget. Sometimes ordering a bunch of stuff can't keep straight. Well, when she realized that she logged into PayPal to email the seller, and guess what she found out?
James Tucciarone Hmm, I have a hunch, Wendy, but why don't you tell us?
Wendy Battles: [chuckles] You probably tell us nothing good. [laughs]
James Tucciarone Right.
Wendy Battles: She found out that the seller had blocked her. Like, no more contact. That's it. Just like you would block someone via text or scam emails. That is a very bad sign, needless to say.
James Tucciarone For sure. Got the money and then disappeared.
Wendy Battles: Yep, got the money and ran. Well, PayPal was not helpful at all. They wash their hands of the situation said there wasn't anything that they could do. And it goes back to a lesson learned that you mentioned earlier is that we should really be using a credit card instead of PayPal or Cash App or a cash app like Zelle, or Venmo credit, because credit cards, as we all know, offer a measure of buyer protection and that's what we really want when we're buying things online. James, what are some other tips, our listeners could use to stay safe online this holiday shopping season?
James Tucciarone Well. I think the big one for me, as you already mentioned, is using a credit card. The credit cards they are going to be more likely to provide us with those fraud protections. And the other big one, which you also alluded to earlier, is knowing where you're shopping, knowing the website, using a trusted retailer, not just going with an unfamiliar website or an unfamiliar individual. I can kind of make a comparison to, if you are in a big city and you see the vendors with their products laid out on a blanket on the street corner. I think you're going to have less faith in those products and in those settlers than you are the big-box store that takes up an entire city block.
Wendy Battles: James, those are all great points.
[music]
James Tucciarone Here's the buzz on the imitations known as deepfakes. Let's start with talking about what deepfakes are. The term comes from the idea of using deep machine learning or artificial intelligence to produce some sort of fake content. Most commonly, we see deepfake images or videos of celebrities and well-known public figures. Deepfake tools learn from existing images and can then create doppelgangers whose actions they control. It's even possible to create entirely fabricated people.
Now, this might not sound all that groundbreaking. In fact, shallow fakes are forgeries that don't use machine learning, have been around for years. Many of us have probably even tried using common tools to enhance or alter our own photos. But the use of machine learning allows for creating forgeries that are virtually indistinguishable as counterfeit. And as the processing power of computers continues to grow, deepfakes are evolving to include forged audio, all kinds of forged content, and even entire identities.
Here's a few suggestions to help identify and avoid falling for deepfakes. Always be skeptical about unfamiliar individuals or content you encounter online. Try taking the CNN quiz linked in the show notes to see if you can spot the fake and find out even more about deepfakes by listening to the next episode of Bee Cyber Fit Podcast. We interview former cybercrime reporter Kerry Tomlinson, who share some of her encounters with deepfakes and her top tips to spot them.
Wendy Battles: We have three simple calls to action for you today. About how you can stay safe online during the upcoming holiday shopping season, but honestly at any time during the year when you're buying things online. First, we want you to look at the return policy when you go to an unfamiliar online site. Forget the big-box stores like Target or anything else, but when you go to something you are not familiar with, go to the bottom look at the fine print, see what it says, see if it seems reasonable, that's a great tip off.
Number two, if it feels unfamiliar or something about it doesn't seem right, go to Trustpilot, where you can read reviews about websites that will help you determine the legitimacy of it. I've used this many times, it is a great way to get more information about an unfamiliar website. Finally, the Better Business Bureau has a scam tracker, they've updated it for the holidays with information. So, you can go there, you can check out information about the site, you can also report things that don't seem legitimate. So, three simple things that you can do to be proactive, to help you stay safe online, and to ensure that you have the best possible shopping experience where you get to keep your money from real sites, and truly enjoy the holidays.
James Tucciarone Those are great tips, Wendy. Hopefully, they will help all of us to stay a little safer this holiday season.
Those are all the tips that we have for you today. Until next time, I'm here with Wendy Battles as always, and I'm James Tucciarone. We'd like to thank everyone who helps make this podcast possible. We'd like to also think Yale University where it's produced and recorded.
Wendy Battles: Thank you all for listening. We truly appreciate that. And remember, it only takes simple steps to Bee Cyber Fit.
[Transcript provided by SpeechDocs Podcast Transcription]