Every year, as Christmas draws near, cybercriminals tend to ramp up their nefarious activities.
They trundle out the same tried and tested tactics that they use all year but trick them up with Christmas and holiday themes to draw in more victims.
Report continued below…
And, they capitalise on the fact that, during the holiday season, people are buying more products online, searching for more gifts, and may be spending more time on their computers.
Here are seven common scams to watch out for this holiday season:
Package Delivery Malware Emails
Criminals regularly send out bogus “failed package delivery” notifications as a means of distributing malware. The emails claim that, because of an addressing error, a parcel could not be delivered and you should therefore click a link or open an attached file to retrieve shipping details. The links open websites that harbour malware. The attachments generally contain the malware in a .zip file.
And, as Christmas approaches, the frequency of these scams tends to increase. The criminals know that, near Christmas, more people are expecting packages from friends and family or sending packages themselves. Thus, the criminals tend to trick more people into infecting their computers than at other times of the year.
The criminals often try to create a sense of urgency in their bogus messages by warning that a package will not be delivered in time for Christmas if you do not follow the instructions in the email immediately.
Be very wary of any email that claims a package delivery has failed and you must click a link or open an attachment to fix the problem.
Gift Card Survey Scams
Survey scammers also exploit the holiday season. Typically, the scammers will create fake Christmas promotion Facebook Pages that falsely claim to be associated with well-known brands such as Kmart, Target or Bunnings.
Via these pages, they will offer you the chance to win Christmas gift cards and vouchers. But, to enter, you are required to like the fake Page and share its bogus promotions with all of your friends. Then, you will be told that you must participate in various online surveys or offers as a condition of entry or to verify your identity.
In reality, the promised gift cards do not exist and the personal information you provide on the bogus survey sites will be used to inundate you with unwanted marketing material and phone calls. You may also be tricked into subscribing to very expensive SMS “services”.
As well as gift cards and vouchers, survey scammers may also offer “Christmas Promotions” that supposedly allow you to win expensive prizes such as luxury cars or game consoles.
Be wary of any ‘promotion’ that claims that you must like and share material and participate in online surveys to enter.
Report continued below…
Charity Phishing Scams
Many charitable organisations hold Christmas or holiday appeals to raise extra funds. And, with the Christmas spirit upon them, people may be more likely to give to those less fortunate.
Again, criminals are aware of this. Carefully vet messages asking you to donate to Christmas or holiday appeals. Scam messages may contain links to bogus websites designed to emulate the sites of genuine charities. Once on the fake site, you will be asked to donate by providing your credit card details and other personal and financial information. Criminals can collect the information you submit and use it for credit card fraud and identity theft.
When donating, always ensure that you are giving to a genuine charity.
Christmas Reward Phishing Scams
Another Christmas themed criminal tactic is to send out emails claiming to be from well-known banks or companies that offer “customer rewards” such as cash bonuses or vouchers as part of a Christmas promotion.
The emails will instruct you to click a link to claim your bonus. The link will take you to a website that looks just like the targeted bank’s real website. Once there, you will be asked to login and provide personal and financial information, ostensibly to allow you to claim the bonus.
But, again, the criminals will collect the information you provide and use it to hijack your account and commit financial fraud and identity theft.
Fake Shopping Websites
Criminals also capitalise on the holiday shopping frenzy by tricking people into “buying” items on fake retail websites. They launch spam campaigns that offer seemingly unbeatable ‘Christmas Deals’.
Links in the messages lead to sites that look like the websites of well-known companies. They may use logos and other elements stolen from genuine company websites.
But, you will never receive any items you ‘buy’ on these fake sites. And, via the phoney purchase pages on the scam websites, criminals can harvest your credit card details and other personal information.
Advance Fee Scams
During the Christmas period, advance fee scammers often alter their bogus cover stories to fit the season.
For example, they may claim in their scam messages that you have won a substantial cash prize in a “Christmas Rewards Program” organised by a high-profile company such as Google or Microsoft.
Or, they may claim that, to celebrate Christmas, a wealthy philanthropist or a previous lottery winner has decided to give away millions of dollars to people randomly selected via their email addresses.
Of course, as with all such advance fee prize scams, the messages are designed to trick people into sending their money and personal information to criminals.
Holiday eCards can be a fun way to send holiday greetings to your friends and family. But, crooks often use fake eCard notifications to trick people into visiting sites that contain malware.
The notification emails may look like they are from a genuine eCard provider. But, when you click the link in the hope of viewing your eCard, you may be tricked into downloading and installing malware.
Remember that genuine eCards will contain the name and email address of the sender, which should be somebody you know.
Stay vigilant these holidays, and don’t let scammers ruin your Christmas! And, keep in mind that cyber crooks use variants of the tactics described above every month of the year, not just at holiday time.
Last updated: December 5, 2016
First published: November 27, 2014
By Brett M. Christensen
Since you’ve read this far……can I ask you for a big favour?
To enhance your privacy and security and offer you a better user experience, Hoax-Slayer is now completely ad-free. To keep the site online, I rely on voluntary contributions from site visitors.
If you found the above report useful, please consider supporting Hoax-Slayer by making a donation. Any amount you can give will be greatly appreciated.
You can donate using your credit card via the form below. Donations are collected securely via the online payment service Stripe. Stripe uses state of the art security to keep your data safe.