I’ve had quite a few responses to last week’s column about online “penny auction” site Viaziz, which has duped many South Africans into believing they were just registering on the site, when in fact they were agreeing to buy about R2 500 worth of “credits”.
The site invites people to “sign up for free” and then supply their credit card details in order to complete the “registration”. But the very tiny print at the bottom of the page reveals what they’re really agreeing to when supplying their credit card details: “Package: 300 new customer welcome credits. You will be debited R2 499.99.”
This is especially misleading, as, under the site’s more accessible FAQ section, the following promise is made: “Registration is totally FREE with no nasty hidden charges that other sites forget to tell you about! The ONLY cost associated with our website is the bid package costs.”
It fails to say that you can’t register without buying that package.
Among Viaziz’s terms and conditions, well hidden on the site, the truth lurks: “You agree that once you enter your card details and press either ‘Add Card & Finish’ or ‘Finish’ you have confirmed that you wish to have your card debited for the stated amount and you are fully aware that you will be charged for your selected bid package…”
That’s highly misleading, and, as law professor Robin Palmer pointed out, it falls foul of the Consumer Protection Act, which is all about protecting consumers from deceptive practices.
Sadly, if you don’t know what to look for on e-commerce sites, you’re easy prey.
Software specialist Steven Silbert of e-commerce hub E-Strategic said there are several technical and other issues on the Viaziz site – and others – which raise a red flag.
l The lack of a company phone number.
“Ideally, website owners should display photos of themselves and make their e-mail addresses available, along with their office address and phone number,” he said.
l Lack of validation of input: it’s a bad sign when this obviously hasn’t been done and the site contains obvious mistakes, Silbert says.
l The registration of the website is cloaked – you can’t find the owner of the domain name.
l Hidden terms and conditions. “Some websites use a link, but I prefer a scrollable text frame with the terms inside.
“There should also be a tick box to validate that the user has actually read the terms.
“Generally, people tick it anyway, without reading, but it’s important to force someone to stop and see what they’re doing.”
When making payments, check for the padlock sign and the ‘https’ on the address bar, which tells you that you are on an SSL secured site. Websites that are SSL secured will encrypt sensitive information such as credit card numbers during the transaction.
Also dispensing advice on how not be ripped off when transacting in cyberspace is Doros Hadjizenonos, SA sales manager with Check Point Software Technologies.
Here are some particularly useful tips:
Make sure it’s the real deal: Be careful when clicking on links in e-mails from retailers for offers, even if they appear to be from a big brand company. Malicious links could exploit your computer with malware or take you to a phishing site designed to steal your information. Rather go directly to the company’s website.
Update your browser: Make sure your browser is updated with the latest version. Hadjizenonos advises consumers to consider disabling Java as the program is battling a slew of security vulnerabilities, he says. “This will sacrifice some websites’ functionality, but it will prevent potential drive-by download attacks that could infect your PC.”
Use virtual credit cards: These are temporary or disposable devices, issued by banks or credit card companies free or for a small fee. They are usually one-time use only or have a limited amount on them, so if a cyber criminal gets hold of this number, your actual bank account is not at risk.
Set up a separate e-mail: Many retail sites require an e-mail address to set up an account, login, and make purchases. By setting up and using a separate e-mail account for your shopping, you will reduce spam and phishing attacks on your personal, everyday use e-mail account. This will also lower the risk of your personal information getting stolen.
Update your security software: Make sure your security software is running and up to date.
Great advice. Use it to avoid the downside of cyber-transacting.