Cyber criminals take advantage of the busy holiday shopping season to target unsuspected shoppers that are often looking for a deal. Many retailers often offer discounts and savings throughout the season. For most people, money is usually tight around this time. This makes it a perfect time for criminals to leverage the fact that many shoppers have their guard down; when looking to save money on popular or hard to find products.
Below are five tips to help keep you safe and keep the “happy” in holidays.
1. Black Friday/Cyber Monday Specials
In the last couple of years, holiday shopping has shifted from standing on long lines waiting to purchase sale items, to the majority of people making online transactions to purchase sale items. Cyber criminals are aware of this and go to extreme measures creating malicious websites that look identical to legitimate sites. Emails that offer huge deals or online ads that promise deep discounts should be a red flag for buyers. As always, never click on links directing you to a website. Type URL’s directly into your web browser and remember, if something seems to good to be true, it more than likely is.
2. Complimentary Vouchers or Gift Cards
A popular holiday scam is big discounts on gift cards. Don’t fall for offers from retailers or social media posts that offer phony vouchers or gift cards paired with special promotions or contests. Some posts or emails even appear to be shared by a friend, but in most cases they themselves have already fallen victim to an account compromise. Always use common sense when it comes to anything being given away for free.
3. Bogus Shipping Notices From UPS and FedEx
Although we see these types of phishing campaigns throughout the year, the increase of online shopping around the holidays makes it a perfect opportunity for fake shipping notifications. Cyber criminals will often spoof email addresses to make unsuspected shoppers think a message is being sent from UPS, FedEx or DHL. Many of these are phishing attacks that try to make you click on a link or open an attachment. Opening a suspicious attachment or clicking on a suspicious link often leads to malware or ransomware being installed on your device. The best advice is, if something looks suspicious don’t open it. If you have ordered something or are expecting a shipment, contact the sender directly.
4. Holiday Refund Scam
These emails seem to come from retail chains or e-commerce companies such as Amazon or eBay claiming there’s a “wrong transaction” and prompt you to click the refund link. However, when you do that and are asked to fill out a form, the personal information you give out will be sold to cyber criminals who use it against you. Always contact the merchant directly if you are concerned. To help protect yourself, never use a debit card for online transactions. If offered, always make purchases using Paypal. Paypal offers great protection for its customers against fraud and prevents you from having to enter your credit card information on a malicious or hijacked website
5. Phishing on the Dark Side
A new phishing email has begun circulating that tricks people into thinking they could win movie tickets for the highly-anticipated film, “Star Wars: The Force Awakens,” due out on Dec. 18. However, the email is a phishing attack. Leading up to the film’s release, and shortly after, you need to watch out for this social engineering attack and not fall for the scam. Stay safe online!