Top Ten Holiday Scams
The holidays are supposed to be about joy, loved ones, special friends and the spirit of giving. But every year the lowest form of criminals do their best to ruin it for everyone but themselves. This year, your team at GDF offers you a list of the top ten cyber scams people run into over the holidays.
Holiday Charity Scams
The giving spirit of the holidays is truly embodied by helping those less fortunate. The trick is making sure your contribution actually gets to whom it is intended and not criminals looking to profit from your generosity. The best way to avoid being scammed by charity fraudsters is to reach out personally to the paticular charities to which you wish to give. Money or payment information you give to a total stranger or an unknown charity is at risk. So if a cause touches your heart, please do give – just don’t automatically trust social media posts, emails, phone calls or even that knock at the door. Ask questions and make an extra phone call.
Malware Heaven – Holiday Downloads
The holidays can be infectious, and hackers are banking on that. Offers for screensavers, animations or other holiday themed downloads pop up everywhere this time of year. Unfortunately, they can also be jam-packed with all kinds of nasty malware. So if you don’t want a horrible surprise that can only dampen your holiday spirit, be sure to download from sources you know are legitimate, preferably those with clearly stated policies and procedures in place to help ensure malware-free downloads.
FedEx/UPS/USPS Delivery Notices
No one is busier during the holidays that parcel delivery services. Of course, hackers know this too, and will be sending out lots of phishing emails disguised as notifications from popular parcel services like FedEx, UPS and the US Postal Service, coaxing targets to open malicious attachments or follow links to fake sites. To stay safe, don’t click on any attachment or link you get in an email notifying you about a parcel. Legitimate emails will have a prominently displayed tracking number within the body of the email itself, not hidden in an attachment or behind a link. Even if you think it may be valid, don’t follow any suggested links, simply go to the site directly (like fedex.com, ups.com and usps.com) and enter the tracking number yourself. Also, don’t hesitate to call a company directly for assistance using the phone number on their site – avoid using any numbers contained in the email itself, as they too may be fictitious!
Holiday Employment Opportunities
When the holidays roll around, many employers need additional help, which is a great thing with so many people looking for work. However, be especially suspicious of any job offer that seems too good to be true, like high paying “no experience necessary” or work-at-home jobs. Many times these types of offers will lead you to signup sites that are built just to gather your personal information. And if they want a payment of any kind to send you the information on the “guaranteed” job that’s being offered, forget it, it’s a scam.
If you are sent an unbelievable offer, beware. Cyber criminals have been known to go as far as designing entire websites around unbelievable offers, and true to form, they will be targeting your personal information or direct access to your valid account. If at all possible, stick to retailers you know and trust. Paying a little bit more and actually getting what you purchased is far better than paying less and receiving nothing but headaches associated with identity theft and compromised accounts.
Be very cautious about following links contained in any egreetings, even if they look like they come from a familiar source. Many times hackers will push out malicious holiday greetings as spam to huge groups hoping to get an initial victim to open it by chance, and then attempt to steal contact lists or break into email accounts. Once hackers achieve this, they can push out more phising emails to friends and family making detection of the scam that much harder.
Hard to find Items
From PlayStations and Xboxes, to Furby Booms and Big Hugs Elmos, some gifts are in such demand that they are going to be hard to find. So when that special offer shows up in touting that one special gift still in stock, proceed with caution. Following links or actually making online purchases based on these sorts of offers can lead to problems such as bait and switch or worse. Reputable retailers don’t need to advertise for incredibly popular items and won’t waste precious time and money spamming “still available” offers.
Smishing – Texts with a punch
Smishing texts employ the same tactics as phishing emails, but they come to your phone. Beware of any text asking for personal information, pin numbers, etc. Dual factor authorization – when an online company sends login information via a text is getting common, and this is another avenue for a hacker to lure unsuspecting targets into divulging their personal and/or account information. Treat texts with the same caution you should use on every email you receive.
Quick cash offers
Bogus loan, credit and quick cash offers have long been hacker favorites, but with wallets and pocketbooks getting squeezed extra tight during the holidays, those offers can look more tempting than ever. Unless you are sure of the legitmacy of the offer, signing up for any type of financial account online can be highly risky. If you see an offer that really grabs your interest, verify the offer on your own, again, without using any links or phone numbers contained in the email offer. These scams are especially dangerous because setting up an online account requires you to reveal a lot of personal information, which can really expose you to identity theft and worse.
Computer Security – the basics still apply
Basic computer security is the foundation for protection against cyber threats and should be a high concern year round, but with the extra zeal with which cyber criminals attack over the holidays it’s best to kick that vigilance up an extra notch this time of year. As a friendly reminder, here is a list of 7 simple tips to help prevent malware infections that will help protect you from cyber attacks and malware infections all year through.
Your team at Global Digital Forensics wishes you and yours a happy holiday season. Stay safe and enjoy the festivities. And if the unthinkable happens and your organization experiences a cyber emergency, we have responders standing by 24/7 every day throughout the holidays. Time is critical when responding to a data breach or cyber intrusion, so don’t hesitate to call us at 1-800-868-8189.
copyright 2013 by Global Digital Forensics. All rights reserved.