If there’s one thing that scammers are good at, it’s exploiting people’s vulnerabilities. And during the holidays, when everyone can be a bit distracted, there’s plenty of opportunities to do just that. So on top of keeping up with the hustle and bustle of the season, you should stay vigilant against cybersecurity attacks that malicious actors unleash during the holiday season.
Here are three scams to avoid during yuletide.
1. Shipping notification scams
eCommerce sales are predicted to skyrocket during the holiday season, and if you’re a frequent online shopper, you’re at a higher risk of being a victim of shipping notification scams.
In these types of scams, phishers send their targets an email or an SMS containing falsified shipping information from Amazon or a popular courier, like DHL or UPS, asking the recipients to verify their shipping address or acknowledge shipment delay. Sometimes, the email would say that a delivery attempt was made but no one was available to receive the package, requiring the intended recipient to fill out a form to facilitate a successful delivery.
Often, these messages contain a link that leads to a legitimate-looking website that asks for personal identifiable information (PII) that phishers will use for fraud. There are also instances where a file is attached to the phishing message; when clicked, this file initiates a virus download that scans the victim’s device for sensitive information such as passwords and bank account details.
To avoid getting scammed by false shipping notices, always keep track of what you order online and its shipping information. Also, never click on suspicious links, as they may contain malware or lead to websites that collect PII.
2. Gift card scams
Blackhawk Network forecasts a 27% increase in holiday gift card spend this year compared to last year. This is attributed to a generally more positive consumer outlook: people want to celebrate after yet another year of battling with the pandemic.
However, scammers are out to drain the holiday spirit by carrying out gift card scams. In this con, a scammer calls a potential victim pretending to be an authentic entity, such as someone from the government or a company's tech support. They will then tell a fake story that will pressure or scare the target into acting quickly without thinking. For instance, a scammer will introduce themselves as a representative from the Social Security Administration. They will inform the target that their account has been frozen and put under investigation, and that they have to pay in gift cards to avoid being arrested.
A scammer often instructs victims which gift cards to buy and even stays on the line while victims go to the store and load money onto the card. They will then ask for the gift card number and the PIN on the back of the card, allowing them to immediately get the money that was just transferred.
Per the Federal Trade Commission, about $148 million were lost in gift card scams in the first nine months of 2021 alone. To avoid falling prey to these scams, the rule of thumb is to never pay anyone in gift cards. But if you happen to have done so, call the company that issued the gift card right away and alert them of a possible fraud.
3. Charity scams
Holiday season may be the season of giving, but be extra careful with whom you share your blessings. Around this time of the year, fraudsters work harder and send spam to just about anyone, waiting for an unsuspecting person to take the bait.
In these unsolicited emails, the scammer pretends to be part of a fake charitable institution. They tell a harrowing, believable narrative that tugs on the heartstrings, persuading the recipient to make an emotional decision. At the end of the email is a link to the fake charity’s website and a plea to support its cause by donating money. In truth, the funds wired by generous netizens will be used by crooks for their own gain.
Sometimes, scammers also pose as representatives of well-known charities like the Red Cross to carry out various fraudulent schemes. This is why it’s critical to do a background check on anyone asking for donations, such as by calling a charity’s official number and verifying if the person who sent the solicitation email is connected with them.
Cybercriminals are hard at work not just during the holiday season but all year round. Keep your business protected 24/7/365 with our EXponentially Better™ cybersecurity services. Book a FREE consultation today, call us at 647-697-7710 or drop us a line.