Cisometric Cybersecurity Firm

Online shopping / online marketplace scams are a significant and growing concern in the Indonesian e-commerce landscape. Platforms like Shopee, Tokopedia, and Bukalapak, while providing vast opportunities for buyers and sellers, have also become hotbeds for fraudulent activities. These scams exploit the internet's reach and anonymity, allowing scammers to pose as sellers or buyers without the intention of delivering the promised goods or services. Throughout this article that serves as a guideline to all Indonesians navigating e-commerce shopping, we feature insights from Muhammad Aprian, a cyber expert at Cisometric. He shares his expertise on the nature of marketplace scams in Indonesia and offers guidance on how consumers can protect themselves.

“As a Cyber Security Assessor at Cisometric, my focus is on Offensive Security, where I simulate attacks on IT systems, physical security, and use social engineering techniques to test and strengthen an organization's defenses against potential external threats. And as a consultant, it is crucial for me to stay updated on cyber security issues, including marketplace scams. Educating and raising awareness about these rising cyber threats is essential to help create a more secure Indonesia."

Understanding Online Marketplace Scams

Online marketplace scams are fraudulent transactions that occur on online shopping platforms. Both sellers and buyers can be targets of these scams. They are a serious concern in Indonesia due to their significant impact on public safety and the economy. The Ministry of Communication and Information Technology (Kominfo) recorded 1,730 online fraud content incidents from August 2018 to February 2023. Additionally, economic losses from online fraud in Indonesia are estimated at IDR 18.7 trillion from 2017 to 2021. These figures highlight the prevalence and financial damage of these scams, underscoring the need for enhanced security and awareness in online transactions.

Common Types of Online Shopping Scams

Aprian then identifies the several common scams prevalent in Indonesian marketplaces:

Buyer Scams:

Transaction Cancellation Fraud: Buyers report the transaction as fraud after receiving the goods, getting their money back while keeping the item.
Claiming Non-Receipt: Buyers claim they never received the item they actually received.
Non-Payment: Buyers receive the goods without paying, causing losses to the seller.

Seller Scams:

Shipment Fraud: Sellers send items significantly different from what was advertised.
Claiming Shipment Without Sending: Sellers claim to have shipped items when they haven't.
Down Payment Fraud: Sellers demand down payments for high-value items without providing proof of authenticity.

Phishing Scams:

Link Manipulation: Scammers send links or QR codes leading to fake websites.
Smishing (SMS/WA Phishing): Using SMS or WhatsApp to lure victims to fake sites or send fake APKs.
Vishing (Voice Phishing): Scammers call, pretending to be couriers or sellers, asking for personal information like OTP codes or account details.

Listing Scams:

Suspicious Listings: Products with extremely low prices, indicating potential counterfeits.
Descriptions Pushing for External Transactions: Encouraging buyers to contact sellers outside the official platform. "Scammers prefer payments outside the marketplace's protected system because these transactions are harder to trace and lack consumer protection," Aprian notes.
Counterfeit Goods: "The issue of counterfeit goods is very prevalent in Indonesian online marketplaces, causing economic losses of up to IDR 291 trillion per year. According to the Indonesian Anti-Counterfeiting Society (MIAP) and the Institute for Economic Analysis of Law & Policy at Pelita Harapan University (IEALP UPH), the state loses IDR 967 billion in taxes and over 2 million job opportunities annually. Common counterfeit items include fashion, cosmetics, and gadgets."

To fully grasp the severity and impact of marketplace scams, it is essential to look at cases that usually occur in our marketplace. Aprian shared some notable cases:

APK Courier Scam: Scammers send messages pretending to be couriers, asking victims to install an APK to track shipments. The APK requests SMS access to steal OTP codes for accessing the victim's mobile banking or e-wallet.
QR Payment Scam: A victim was tricked into scanning a QR code sent via WhatsApp by a scammer posing as a Seller, resulting in a canceled order and stolen funds.
Misleading Product Shipment: A buyer ordered a hard disk but received a piece of paper with a picture of a hard disk.

The Future Trends and Impact

These scams not only cause financial losses but also erode consumer trust in e-commerce. “Victims of online scams often prefer offline shopping for large transactions due to a perceived lack of security in e-commerce,” Aprian notes. This mistrust can hinder the growth of the e-commerce sector in Indonesia.

Looking ahead, Aprian anticipates more sophisticated scams involving AI and deepfake technologies, as well as advanced phishing tactics. “Scammers may use AI to create convincing fake videos or audio, making it harder for consumers to detect fraud,” he explains. To stay ahead, consumers need to remain vigilant and informed about the latest scam trends and security practices.

Future trends in marketplace scams may include:

AI and Deepfake-Based Scams: Scammers using AI to create convincing fake videos or audio.
Sophisticated Phishing: Techniques like Man-in-the-Middle (MITM) reverse proxy phishing to steal user sessions even with OTP security.
Advanced Social Engineering: Continued use of psychological manipulation techniques.

Protecting Yourself from Online Shopping Scams

To safeguard against these scams, Aprian recommends several strategies:

Use Official Platforms: Always transact through verified platforms like Tokopedia, Shopee, or Bukalapak.
Verify Seller Identity: Check ratings, reviews, and choose trusted sellers.
Use Secure Payment Methods: Avoid direct bank transfers and use the marketplace's secure payment system.
Be Wary of Social Engineering: Don't fall for urgent or unexpected requests for payment or personal information.
Activate Additional Security Features: Use two-factor authentication (2FA) for added security.
Report Suspicious Activity: Immediately report any suspicious behavior to the marketplace.
Educate Yourself: Continuously improve your digital literacy and stay updated on security practices.
Use Security Software: Install antivirus and antiphishing software on your devices.
Being Critical: Scrutinizing visual and audio content for authenticity.
Verifying URLs: Ensuring website URLs are correct.
Staying Informed: Keeping up with the latest scam trends and security practices.

For offline transactions like COD (Cash On Delivery), especially on platforms like Facebook and OLX:

Meet in Safe Locations: Choose busy, secure places for transactions.
Inspect Goods Before Paying: Check the condition of items thoroughly before payment.
Bring a Companion: Bring someone along for added safety.
Be Cautious of Low Prices: Extremely low prices can indicate potential scams.

Online shopping scams are a growing concern in Indonesia's e-commerce landscape, but with the right knowledge and precautions, consumers can protect themselves. As e-commerce continues to evolve, staying informed and vigilant is key to safeguarding against these threats. For more on how to protect yourself and stay updated on various cyber security trends, follow our LinkedIn updates and blog articles.

Follow us here: Cisometric

References: