Imagine you’re searching for a tablet to buy. Suddenly, an ad pops up – a brand new iPad for just 150 dollars! This bargain can’t be missed. You excitedly click on the ad, and then something odd happens. Your browser starts downloading something but there’s no trace of the deal. It was a bait and switch attack. Learn what it is and how to prevent it below.
Bait and switch advertisement is when a merchant advertises a too-good-to-be-true deal but does not fulfill the promise. After you see a deal and arrive at a sales point, a seller might explain that the item is not available or that it costs more. They also might persuade you to buy a more expensive or inferior product without having the advertised offer available.
Bait and switch advertising is illegal and is classified as a fraud. However, there are some borderline cases. If a salesman persuades you to buy another product, but the original offer is still available, that's not a case of bait and switch. Neither are cases when a product is out of stock due to limited availability (if the ad mentions this limitation). The original offer must be impossible to fulfill for an ad to be classified as an example of bait and switch.
Bait and switch scams also work in the online world. By employing reliable-looking ads, they may direct you to a harmful website, malicious app download, or a fraudulent offer designed to steal your data. It may also initiate clickjacking, browser-locking, or other attacks.
Hackers may use reliable-looking ads to lure you into malicious sites. An ad might display an attractive deal but redirect you to a website full of malware. Ad blockers, anti-malware plugins, and your common sense will help protect you. NordVPN’s CyberSec feature prevents malicious redirects to known scam sites on its blacklist.
Cybercriminals may also hijack websites, inject their content into them, and advertise those sites. This is an example of a more sophisticated bait and switch technique. Sometimes even site owners might not notice that their page is being abused like this. However, if you see a website you know advertising or displaying unusual content (e.g., a bank offering to download a game app) or containing some fishy links, this is a red flag.
Here are a few tips for avoiding this attack:
Try NordVPN – our CyberSec feature can help protect you from bait and switch attacks while our VPN gives you the security and privacy you deserve.