Every year, as Christmas draws near, cybercriminals tend to ramp up their nefarious activities.
They trundle out the same tried and tested tactics that they use all year but trick them up with Christmas and holiday themes to draw in more victims.
Report continued below…
And, they capitalise on the fact that, during the holiday season, people are buying more products online, searching for more gifts, and may be spending more time on their computers.
Here are seven common scams to watch out for this holiday season:
Package Delivery Malware Emails
Criminals regularly send out bogus “failed package delivery” notifications as a means of distributing malware. The emails claim that, because of an addressing error, a parcel could not be delivered and you should therefore click a link or open an attached file to retrieve shipping details. The links open websites that harbour malware. The attachments generally contain the malware in a .zip file.
And, as Christmas approaches, the frequency of these scams tends to increase. The criminals know that, near Christmas, more people are expecting packages from friends and family or sending packages themselves. Thus, the criminals tend to trick more people into infecting their computers than at other times of the year.
The criminals often try to create a sense of urgency in their bogus messages by warning that a package will not be delivered in time for Christmas if you do not follow the instructions in the email immediately.
Be very wary of any email that claims a package delivery has failed and you must click a link or open an attachment to fix the problem.
Gift Card Survey Scams
Survey scammers also exploit the holiday season. Typically, the scammers will create fake Christmas promotion Facebook Pages that falsely claim to be associated with well-known brands such as Kmart, Target or Bunnings.
Via these pages, they will offer you the chance to win Christmas gift cards and vouchers. But, to enter, you are required to like the fake Page and share its bogus promotions with all of your friends. Then, you will be told that you must participate in various online surveys or offers as a condition of entry or to verify your identity.
In reality, the promised gift cards do not exist and the personal information you provide on the bogus survey sites will be used to inundate you with unwanted marketing material and phone calls. You may also be tricked into subscribing to very expensive SMS “services”.
As well as gift cards and vouchers, survey scammers may also offer “Christmas Promotions” that supposedly allow you to win expensive prizes such as luxury cars or game consoles.
Be wary of any ‘promotion’ that claims that you must like and share material and participate in online surveys to enter.
Report continued below…
Charity Phishing Scams
Many charitable organisations hold Christmas or holiday appeals to raise extra funds. And, with the Christmas spirit upon them, people may be more likely to give to those less fortunate.
Again, criminals are aware of this. Carefully vet messages asking you to donate to Christmas or holiday appeals. Scam messages may contain links to bogus websites designed to emulate the sites of genuine charities. Once on the fake site, you will be asked to donate by providing your credit card details and other personal and financial information. Criminals can collect the information you submit and use it for credit card fraud and identity theft.
When donating, always ensure that you are giving to a genuine charity.
Christmas Reward Phishing Scams
Another Christmas themed criminal tactic is to send out emails claiming to be from well-known banks or companies that offer “customer rewards” such as cash bonuses or vouchers as part of a Christmas promotion.
The emails will instruct you to click a link to claim your bonus. The link will take you to a website that looks just like the targeted bank’s real website. Once there, you will be asked to login and provide personal and financial information, ostensibly to allow you to claim the bonus.
But, again, the criminals will collect the information you provide and use it to hijack your account and commit financial fraud and identity theft.
Fake Shopping Websites
Criminals also capitalise on the holiday shopping frenzy by tricking people into “buying” items on fake retail websites. They launch spam campaigns that offer seemingly unbeatable ‘Christmas Deals’.
Links in the messages lead to sites that look like the websites of well-known companies. They may use logos and other elements stolen from genuine company websites.
But, you will never receive any items you ‘buy’ on these fake sites. And, via the phoney purchase pages on the scam websites, criminals can harvest your credit card details and other personal information.
Advance Fee Scams
During the Christmas period, advance fee scammers often alter their bogus cover stories to fit the season.
For example, they may claim in their scam messages that you have won a substantial cash prize in a “Christmas Rewards Program” organised by a high-profile company such as Google or Microsoft.
Or, they may claim that, to celebrate Christmas, a wealthy philanthropist or a previous lottery winner has decided to give away millions of dollars to people randomly selected via their email addresses.
Of course, as with all such advance fee prize scams, the messages are designed to trick people into sending their money and personal information to criminals.
Holiday eCards can be a fun way to send holiday greetings to your friends and family. But, crooks often use fake eCard notifications to trick people into visiting sites that contain malware.
The notification emails may look like they are from a genuine eCard provider. But, when you click the link in the hope of viewing your eCard, you may be tricked into downloading and installing malware.
Remember that genuine eCards will contain the name and email address of the sender, which should be somebody you know.
Stay vigilant these holidays, and don’t let scammers ruin your Christmas! And, keep in mind that cyber crooks use variants of the tactics described above every month of the year, not just at holiday time.
Last updated: December 5, 2016
First published: November 27, 2014
By Brett M. Christensen
Importance NoticeAfter considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.
These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.
Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.
And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.
When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.
I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.
A Big Thank YouI would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.
I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.
Closing DateHoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.
Thank you, one and all!