Skip To Content
BuzzFeed News Home Reporting To You

Utilizamos cookies, próprios e de terceiros, que o reconhecem e identificam como um usuário único, para garantir a melhor experiência de navegação, personalizar conteúdo e anúncios, e melhorar o desempenho do nosso site e serviços. Esses Cookies nos permitem coletar alguns dados pessoais sobre você, como sua ID exclusiva atribuída ao seu dispositivo, endereço de IP, tipo de dispositivo e navegador, conteúdos visualizados ou outras ações realizadas usando nossos serviços, país e idioma selecionados, entre outros. Para saber mais sobre nossa política de cookies, acesse link.

Caso não concorde com o uso cookies dessa forma, você deverá ajustar as configurações de seu navegador ou deixar de acessar o nosso site e serviços. Ao continuar com a navegação em nosso site, você aceita o uso de cookies.

The Option To Pick Up Online Purchases In Stores Is A Boon For Scammers

Retailers want shoppers to pick up online orders in stores to save on shipping costs. But this new method has led to an increase in fraudsters trying to steal orders.

Posted on January 17, 2019, at 4:25 p.m. ET

Stephanie Keith / Getty Images

Retail businesses are trying to save on shipping costs by convincing shoppers to pick up their online orders in stores, but fraudsters are increasingly exploiting this shopping method to scam people.

Shoppers chose to buy purchases online and pick them up in stores 20% more during the 2018 holiday season compared to the year before, according to ACI Worldwide, an electronic payments company. The company also found that there was a 13% uptick in scammers attempting to hack into online accounts and use them for “buy online, pick up in store” purchases between Nov. 1 and Dec. 31, 2018, compared to the same time the year before.

“Fraudsters are always looking for areas of opportunity,” Erika Dietrich, vice president of global risk services with ACI Worldwide, told BuzzFeed News. “If you have a home and you implement a security system and you have cameras and lights and motion protectors, fraudsters are going to give up breaking into your house and move into other areas.”

That new area for online orders is defrauding pick-up-in-store purchases, Bart McDonough, a cybersecurity expert and author of Cyber Smart, told BuzzFeed News.

On most online shopping portals, shoppers must reenter their credit card details if they change the shipping address for an item. But if a shopper wants to pick up an item in a store, they typically don’t need to reenter their details; they just have to select a store. Hackers can exploit this to make fraudulent purchases on someone else’s account, and then they simply present the purchase details at the store to get the item.

Suddenly, the passwords to your or accounts have become much more valuable to hackers because they can easily make fraudulent purchases and pick them up in any store, said McDonough.

“Retailers have tried to introduce some brick-and-mortar [options] to combine an online experience with a retail experience,” he said. “Because they did that, they actually introduced more cyber vulnerability.”

Fraudsters tried to hack 1.5% of all “buy online, pick up in store” transactions on average between Nov. 1 and Dec. 31 last year, according to ACI Worldwide. By comparison, online orders that shipped directly to home addresses were targeted slightly less, at 1.2%.

McDonough said shoppers should not reuse the same username and password on any site to avoid being hacked. They should also enable two-factor authentication, update their phones and computers regularly, and enable phone alerts for their credit card purchases.

“Online spending and ‘buy online and pick up in store’ are here to stay,” said Dietrich with ACI Worldwide. “Consumers ... have to be conscientious to monitor their payment devices and lock their phones and computers, and have good security hygiene.”

A BuzzFeed News investigation, in partnership with the International Consortium of Investigative Journalists, based on thousands of documents the government didn't want you to see.