Holiday Cyber Scams: How to Identify and Avoid Them!

-

 

The holidays are a time of celebrations, family gatherings, and shopping for Christmas gifts. Millions of American’s head to their local malls, shopping centers, and online retailers to find the most desired treasures for their loved ones to make it a year to remember. While it is an exciting time that elicits happy thoughts and feelings of peace, it is also a time that brings out criminals and evildoers in large numbers who seek to steal away those happy thoughts. Cyber thieves use a wide variety of tricks and scams to separate people from their money, leaving behind confusion, anger, and broken dreams.

Cyber scams have become increasingly complicated and deceitful in recent years. Thieves use emails, texts, credit card skimmers, fake gift cards, and many other enticing traps to create confusion when shoppers are looking for a good deal. Shoppers must be aware of sites that they use to purchase gifts, and never input personal or financial information onto sites that aren’t trusted. In addition to shopping, consumers must be alert to communications from retailers that they make purchases from, as these are some of the ways that scammers try to gain access to your information.

One of the most common ways that criminals use to steal your money is through phishing schemes. These schemes often appear as fake emails or texts from legitimate retailers and other trusted sources. During the holidays, crooks use emails that pretend to be from companies like Apple or Amazon claiming that an account has been disabled or that someone may have hacked their account in an effort to get personal information. They suggest resetting a password, and provide a link that sends the unwitting user to a site designed to harvest ID and password data for hackers.

Apple and Amazon will not actually ask for this kind of personal information in this way, so when you see these kinds of emails and texts you should delete them immediately. If you are ever in doubt of an email or text authenticity, be sure to call the company directly (using publicly published numbers, not phony numbers included in the emails or texts) to inquire about the status of your accounts rather than responding electronically. Another easy way to spot these phishing schemes is to check the email addresses provided as contact points. They will likely contain valid looking information like company names, but they usually have a much longer address with complex sequences of letters and numbers. If it feels wrong, it probably is!

Another frequently used tactic of scammers is fake shipping notifications, also via email or text, that pose as requests from companies like UPS, Amazon, or FedEx. These requests inform the recipients that there is an issue with their order, and insist that they need to verify their identity in order to correct the issue and complete their order. Often, they will threaten that an order will be canceled unless you respond within a certain amount of time. These scammers assume that a potential target actually does have orders pending, and hopes that they fall of for deception as a means of gaining personal info used to steal their identity. Clicking on a link in one of these communications could result in loss of personal information or a virus being unleashed on your computer in the form of Ransomware or Malware.

Much like phishing schemes, companies like UPS and FedEx will not ask a customer to provide passwords or personal information when there is an issue with a shipping order. They will also not threaten to cancel an order within a short period time. Emails or texts requesting personal information to resolve an issue should be deleted at once. Always contact the shipping company directly if you have concerns about the status of a package, and have your shipping number ready to verify your order. Shipping numbers are always provided when orders are placed, and passwords are never used to verify identity when seeking tracking information. Again, things that look out of place should be an indicator that something isn’t right. Trust your instinct, and always call the company directly for clarification.

In addition to aggressive email and text attacks, there are also hundreds of phishing websites passively waiting for unsuspecting visitors to click on them, thinking they are visiting a legitimate retailer. These sites are usually found by clicking on a deal that looks to good to be true (it probably is too good to be true). Following a link for a product that promises to be the best, or offering the best price, can be a powerful lure for a bargain shopper. Everyone wants to get the best deal on the hottest gift, and that is exactly what these sites count on. Unfortunately, when you click on an item to purchase and load in your credit card information, you will likely never receive what you think you are buying (if you receive anything at all). Now, your credit card information is compromised!

When looking for good deals on the internet, it is very important to ensure that you are on a legitimate retail site. Sometimes, phishing sites try to mimic real sites by using similar layouts, color schemes, or even names. There are however ways to tell if a site if legitimate or not. Roll your curser over links or emails on the site to see what the actual addresses are. This technique is called “Mouse-Over”.  Now look at the bottom of your screen to see the actual URL you will go to if you click the link. Similar to phishing emails, the addresses will often have legit-looking names as part of it, but will also contain long sequences of letters, numbers, and special characters that are key indicators of a fake address. Also, real company URL’s will have fairly simple naming conventions, whereas fake sites will be long and complex. Spending the extra time to verify the legitimacy of a site will save you money and anxiety as you navigate the shopping landscape during the holidays!

The holidays should be a joyous time with family and friends. Don’t let the bah-humbugs on the other end of a keyboard send you coal for your stocking. Be alert to things that don’t look right. Be wary of deals that look to good to be true. Spend the extra time to ensure that websites are what you think they are. Always keep a close eye on your money, and know the steps to keep it safe. Staying ahead of the cyber criminals will keep the holidays cheerful and merry!


http://xlncybersecurity.blogspot.com/2018/09/recognizing-phishing-email.html

https://www.xlnsystems.com/mouseover

https://www.zdnet.com/article/scam-spam-and-phishing-texts-how-to-spot-sms-fraud-and-stay-safe/

https://www.csoonline.com/article/3142319/10-top-holiday-phishing-scams.html#slide1

https://www.cnet.com/pictures/4-holiday-shopping-scams-to-avoid-in-2019-phishing-pyramid-schemes-and-more/

Comments

Post a Comment

Popular posts from this blog

-
Cybersecurity in 2021: What to expect in the coming year – Jim Schirtzinger, XLN SYSTEMS As any particular year comes to a close, it is typical to look back at everything that has happened. We celebrate the good, mourn the losses, and try to learn from mistakes. Most will agree that 2020 was an unusual year by any standard, highlighted by a major pandemic, lockdowns, civil unrest, and a controversial presidential election. Rather than dwell on all of the bad that came from 2020, it is time to look ahead to 2021 with anticipation and hope for a return to some form of normalcy. Unfortunately, no matter what improvements are made over 2020 (An effective virus vaccine? A calming of political tension? A robust economic recovery?), Cybersecurity will remain a constant and urgent need for everyone both commercially and privately. With that in mind, what new threats should we expect to face in the digital realm as we turn the page from 2020 to 2021? 2020 saw a huge increase in connected de
Read more

RANSOMware: Protecting Your Small Business

-
As small business owners, we wear many hats in order to grow and protect our businesses.  In today’s Digital Age, we must wear one more; we are the Protector of our business from the threat of Cyber Intrusion, Data Theft, and Financial Embezzlement. But how can we protect our business when big businesses with deep pockets can barely protect themselves?  We read practically every week another well-known large corporation admit they were “hacked” and millions of customer records have become compromised.  Closer to home, we hear how thousands surrender to “digital pirates” via RANSOMware, where your PC and data are held at ransom by data encryption until you pay the bounty. Keep your head up!  There are things we can do to protect our businesses, and these proactive defenses won’t break the bank. First, EDUCATE yourself and your employees who have access to business computers.  Passwords should be at least fourteen characters long, never shared and never written down near the PC.  When re
Read more