The holiday season always brings a surge in shopping, travel and festive activities, but it’s also a peak time for scammers seeking to exploit the spirit of generosity, the flurry of financial transactions, and the desire to find fantastic deals.
Rather than visions of sugar plums, they have scams to steal your joy, your identity and your money dancing through their heads. As we deck the halls and wrap the gifts, cybercriminals are in overdrive, plotting to swipe more than just your cookies.
Here’s a simple guide to help you understand and dodge the latest cyberthreats. Read on to defeat these digital Grinches and to ensure that you keep your bank account, your identity and your holiday spirit safe.
1. Deals Too-Good-To-Be-True
We get deluged during the holiday season with ads via email and social media hawking popular items at mind-blowing discounts. These bogus ads are the bait that leads to counterfeit goods or an empty stocking when you get nothing at all. Remember, if the price seems too good to be true, it’s most likely a scam. Be wary and shop only through verified sites.
2. Spoofed (Fake) Websites
Websites of popular retailers can be easily cloned (copied) to harvest your credentials (username and password) as well as your payment information. Stick to well-known and trusted retailers and don’t click links in an email, text or social media post which can be easily faked. Instead, go directly to a trusted website and always double-check the URL with an eye out for “https” and a lock icon in the URL. Bookmark trusted sites to avoid being tricked by lookalike clones.
3. Refund Scams
Phishing emails, texts or phone calls claiming you’re due a refund for an item you purchased. To “process” the refund, you must provide sensitive personal information. If you are contacted for a refund, be very careful and never provide personal information over unsolicited communications. Instead, contact the source directly through official channels to verify any refunds.
4. Fake Delivery Notifications
Emails or text messages claiming your eagerly awaited holiday package is on its way, but there’s an unfortunate snag. To ensure that your package arrives on time, you need to click a link to reschedule or confirm delivery. Instead, get a tracking number from the retailer where you bought the item, then visit the courier’s web site and use the tracking number to check on shipment status.
5. Phishing eCards
You receive a holiday themed eCard greeting from a “friend” or “relative” but it’s a scam! Clicking the link installs malware or leads to a phishing site where your credentials or money are stolen. Be skeptical and verify eCards by calling the sender to confirm its legitimacy.
6. Social Media Gift Exchange
Pyramid schemes where you send one gift and expect to receive many gifts in return. Sadly, all you get is disappointment under the tree. Keep your gift-giving to people you know and trust, and avoid any “send one, get many” schemes you encounter.
7. Gift Card Scams
No legitimate entity will ask you to pay with gift cards. If an organization or an individual demands gift cards for payment, assume it’s a scam and move on.
8. Holiday Giveaway Scams
Everyone wants to “Win a free iPhone for Christmas!” But when you try to claim your “prize”, it requires sensitive personal information or payment for “shipping.” Legitimate giveaways rarely ask for money upfront. Before sharing any information or sending any money, confirm the promotion is legitimate.
9. Bogus Charity Scams
Cybercriminals tug at your heartstrings with stories of need during the holiday season, asking for donations to fake charities. Research charities before giving with websites like Charity Navigator or Wise Giving Alliance. Never donate via wire transfer, gift cards, or cryptocurrency. Credit card donations offer the best consumer protection in the event something goes wrong.
10. Overpayment Scams
Scammers “accidentally” overpay for an item you’re selling online and then you to return the “excess” payment. You end up with a lump of coal in your stocking when their payment to you bounces. Never send money back to a buyer before their payment has cleared. Use payment methods with buyer protection like PayPal Goods and Services.
11. Fake Job Offers
Every year we see offers for seasonal work with too-good-to-be-true pay. But they are likely a ploy to collect your sensitive personal information or to get payments for training or equipment supposedly needed to do the job. Research the company offering the job and check their reviews. And remember, reviews can be fake. Never pay to start a job. If they ask for money from you upfront, it’s most likely a scam.
12. QR Code Scams
While QR codes are increasingly common and very easy to use, you can’t tell what they do by looking at them. Scammers know this and place malicious QR codes over legitimate ones, leading to phishing sites when scanned. The best bet is to never scan a QR code in the wild, but if you must, carefully inspect the QR code before scanning it. If it’s on a sticker or it looks tampered with, don’t scan it.
As you navigate this jolly holiday season, remember: if the offer, deal, or message seems just too good, it’s probably not from Santa’s nice list. Keep your wits about you, be cautious, and let’s ensure the only surprise this holiday is under your tree, not in your bank account. If you do encounter a scam, report it to the BBB Scam Tracker, local authorities and/or the FBI’s Internet Crime Complaint Center so others can become aware and avoid a nasty surprise from the Grinch.
Happy Holidays to you and your family! Stay merry, stay vigilant, and have a cyber-safe holiday season!
Dave Hatter is an award-winning technology leader with over 30 years of software engineering and cybersecurity experience and works as a Cybersecurity Consultant at Intrust IT. He has also served as the Mayor of Fort Wright since 2015.